Attention Government and Defense Industry Contractors

SUBJECT / NIST 800-171 Deadline Approaches Required Attestation of Competency Due by December 31st (See 252.204-7008.) As referenced within your Contract: “(1) By submission of this offer, the Offeror represents that it will implement the security requirements specified by National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 “Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations” that are in effect at the time the solicitation is issued or as authorized by the contracting officer not later than December 31, 2017.”   Also see http://dx.doi.org/10.6028/NIST.SP.800-171 How will this impact your company? The mandate for Defense Contractors to achieve NIST 800-171 compliance before the end of the year is fast approaching.  Without an accredited Statement of Facts and Attestation of Competency, your organization may lose all access to future government contracts.  To solve this crisis, US ProTech is validated by the U.S. Dept. of Commerce under the High-Impact Baseline Standard NIST 800-53 R4 to provide third-party attestation of competency for NIST 800-171 and NIST 800-53. To simplify the process and save both time and money: We’ll producethe required documentation for the regulation, US ProTech offers a proven-successful Four-Step process.  1. The NIST 800-171 Risk & Compliance Assessment 2. Itemized Remediation Plan (Corrective Action Plans) 3. A Standardized set of Comprehensive Policies and Procedures 4. US ProTech’s Attestation of Competency, Certificate & Plaque Contact us today to receive a complimentary consultation   About US ProTech, Inc.: Founded in 1999, US ProTech is a nationally recognized Cybersecurity software development and Managed Security Services Provider whose focus is building their clients security fortitude and enabling them to conduct business with higher levels...

3 Technology Trends Driving Business Outcomes

Many businesses turn to technology to find ways to reduce costs and overhead. Technology trends–Software as a Service, Internet of Things, Software Defined Wide Area Networking, marketing automation, and Cloud-based communications and collaboration–are top of mind with business owners who prioritize improving staff productivity and capability, and reaching new customer segments. Here are three technology trends to take advantage of to drive business outcomes. Software as a Service One of the more popular ways to access Cloud Computing is Software as a Service. To start reducing costs and improving employee productivity, first consider your Communications & Collaborations applications(email, chat, instant messaging, voice, audio, web and video conferencing). In addition, applications including marketing automation and call center applications are available as Cloud services to help businesses grow their top line by reaching new customers. Software Defined Wide Area Networking Companies are adopting Software Defined Wide Area Networking (SD-WAN) as an alternative to more expensive wide area networking infrastructure. SD-WAN can optimize performance of multiple providers of business-class Internet to match costly alternatives. This saves money while improving performance between your locations and ensuring consistent access to Cloud Services. Internet of Things Enhancements to the Internet, combined with low-cost sensors, and wireless connectivity allow businesses to connect, monitor and automate a wide range of devices. Smart metering can track consumption of energy, water and gas, provide insights into usage, and remotely control a wide range of equipment and machinery. Not only does IoT save costs, the data collected from these devices can also be used gain insights that improve business outcomes. Many technologies are at our fingertips to help businesses maintain...

The Importance of Maintaining Network Compliance

Last month’s blog provided information about ways to “Avoid Being Held Hostage by Ransomware.” Eight days later, on May 12, 2017, there was a global outbreak of the Wanna Cry Virus. With Cyber Threats on the rise, the importance of maintaining network compliance is top of mind with business owners and IT professionals alike. Industry compliance regulations, including PCI, HIPAA, and SOX, drive best practices in Network Compliance. However, most businesses today rely heavily on their systems to access Cloud Services, Voice, and Data Networks for mission-critical applications that run their business. What can you do to maintain network compliance? Automate Your Network Administration Keeping operating systems and network configurations up to date is a top priority for network compliance. Each device that connects to your network needs to have up-to-date operating system security patches, anti-virus definitions, and malware threat prevention in order avoid un- intended intrusion of your network. There are abundant tools and managed services to help your business stay up to date without adding to your internal labor cost. Proactively Monitor Your Network Monitor your network to identify any systems that are out of compliance. Proactive monitoring can also identify unauthorized devices connected to your network. You can monitor your network traffic to identify unusual use of network bandwidth. Aside from slowing down your systems, excessive bandwidth may be the result of a malware-infected device that is exploiting your network. Documenting Your Network Security Controls Achieving compliance with documented security procedures including password policy, systems maintenance, backup procedures, and compliance measures, is critical to following most industry compliance regulations. It is a  best practice to update...

What’s Your Cloud Budget?

Most companies rely on Cloud Computing for their business. Popular Software as a Service (SaaS) applications including Voice over IP (VoIP), Hosted Email, Sales Force Automation (SFA), and Customer Relationship Management (CRM) can all be rapidly deployed by a technology Advisor. In fact, a recent survey by the Computing Technology Industry Association (CompTIA) confirms 80% of companies adopted some sort of Cloud solution for their business. Proper planning allows companies to get the most from their technology investment; so what’s your Cloud Budget? What do Companies Spend on Software as a Service? Leading technology research firm International Data Corporation (IDC) suggests nearly one dollar out of of every six is spent on packaged software; one dollar out of every five dollars is spent on applications that will be consumed via the SaaS model, a popular paradigm for Cloud Computing. This information could be useful in planning your technology budgets to see if your Cloud budget is in line with industry spending trends. Infrastructure as a Service Infrastructure as a Service (IaaS), including Cloud Backup, website hosting and other application hosting services, are also available as Cloud Services. Industry research firm Gartner predicts the highest growth will come from Cloud system infrastructure services (IaaS) which is expected to grow by 36.8% in 2017. Companies turn to IaaS as a way to stay nimble and to fix technology spending. The Cloud Service model is utility based, only charging you for what you consume. What’s more, Cloud Computing may be considered an Operating Expense (OPEX) rather than a Capital Expense (CAPEX) because there is minimal upfront investment in equipment and contracting terms...

How to Avoid Being a Ransomware Hostage

Ransomware, spyware, phishing schemes, and other Cyber attacks are commonplace in today’s world of technology. According to a recent article in Forbes, ransomware attacks grew at an accelerated pace in 2016 with reports of 638 million attacks, almost 200 times more than the number of ransomware attacks in 2015. Most experts agree that Ransomware attacks will continue to occur–so what can you do to avoid being a ransomware hostage? Not All Ransomware is Created Equal Before you panic, find out what type of Ransomware you are up against. Scareware is a type of Ransomware that tricks you into thinking you have a bigger problem. A simple scan may quickly remove the pop from your browser cache and get you back on your way. Some ransomware is truly nasty — your entire system may be encrypted, meaning you will need to wipe your system and start over if you have a good backup. Otherwise, you may find yourself hostage to the cybercriminals to unlock your data. An Ounce of Protection is Worth a Pound of Ransom Data protection is an important element in minimizing the impact of Ransomware. Make sure your network security is fully compliant. Backup your data, update your antivirus definitions and make sure your security patches are up to date. Consider using Cloud Backup, Security as a Service, and Managed IT services to keep your network up to date. Having a strong offense to avoid ransomware is your best defense. Don’t Forget the Human Element Train your employees on a regular basis on the importance of staying vigilant against Cyberattacks and how to avoid being a hostage....

Migrating to the Cloud with Confidence

More and more companies are migrating to Cloud Computing to gain competitive advantage and reduce capital expense. According to CompTIA’s 9th annual Security Trends study, companies reported over 80% net usage of Cloud Computing. Over 59% reported moderate or heavy usage. What’s more, the survey found that 68% reported confidence in Cloud providers’ ability to provide a Secure Cloud Environment. An additional 17% responded they were very confident in the security of their Cloud environment. Let’s explore what drives confidence in the Cloud. How to Assess Cloud Provider Security There are many variables to consider when evaluating security of a Cloud Provider. According to the study, many companies evaluate their Cloud provider based on encryption–when moving data to the Cloud, it should be encrypted at rest and in transit. In addition, companies should consider the disaster recovery plans of their Cloud Provider. Some Cloud Providers adopt industry standards including SAS 70 to provide consistent, compliant cloud security. Industry standards are often used to evaluate a Cloud Provider. Identity and access management are also criteria for evaluating a Cloud Provider. Many companies also consider geographical location(s) of the Cloud Provider’s data center.   Consider your Compliance Requirements Many industries have specific requirements regarding handling data. For example, PCI provides guidelines for how companies handle credit card information. Healthcare, Financial Services and Governments (or companies doing business with Government) also have compliance requirements for handling data. Understanding your requirements is key to ensuring you migrate to the Cloud with confidence. Some data may require implementation of a private cloud environment. Also, a Private Cloud has additional security benefits, being a Cloud...

Reducing Business Risk with Backup and Disaster Recovery

Does your business have a backup and disaster recovery plan? Businesses of any size should know which applications–and their associated data–they rely on and what the cost of interruption would be in the event of an unintended disruption. Cyber Threat, natural disasters, and systems failures may impact your business; however, human error is said to be the top cause of data breach (58%), ahead of technology errors. To avoid unnecessary downtime, here are some questions to ask to help assess your backup and disaster recovery plans. Assess the Risks of Data Loss and System Downtime With Backup and Disaster Recovery there is always a balance between cost and risk. To allocate your technology spending, it is important to focus on your areas of exposure. Maybe your business relies heavily on an order-processing and invoicing system, or perhaps a manufacturing and inventory control system. If these systems go down you may lose revenue and productivity from employee idle time.   You may also have intellectual property that is important to your business. What would be the consequence if this data was lost and could not be recovered? You may also have compliance exposure, if you suffered a breach of privacy or other data that should be encrypted was exposed. Assessing your risks and ranking the exposure is an important step to evaluate your backup and disaster recovery plan priorities. Not all Backup Plans are Alike For systems you rely on heavily, you may consider having an offsite failover system in the event of a data loss. This can minimize your downtime by enabling you to rapidly cut over to a...

Is Your Network Ready for Cloud Backup?

Ransomware, Privacy Breach, Compliance requirements and Business Continuity make the case to protect your company’s data. Cloud backup and Disaster Recovery as a Service (DRaas) require reliable network access to ensure your IT assets are backed up and available for rapid recovery. Today’s networks also support a range of applications including Hosted Email, SaaS, VDI, VoIP and Call Center Solutions. Your network needs to be in top shape to accommodate these demands. Here are some tips to determine if your network is ready for Cloud Backup. Assess Your Network for Cloud Backup Readiness When adding Cloud Backup, it is important to understand possible points of failure on your network before they happen. Consider starting with a Network Assessment to stress your network in a controlled environment, in order to determine your backup window. Database and file information on a regular backup schedule may impact your network performance if not properly optimized. Make sure your initial backup and incremental backups run smoothly by simulating peak loads for voice and data on your network. In addition, test your backup and recovery scenarios to identify weaknesses in a controlled environment. Proactive network monitoring can identify potential packet loss and latency that can impact connection speed and uptime. This testing is critical to avoid failed backup and recovery.   Proactively Monitor Your Network for Security and Compliance In addition to network usage, Malware and other unauthorized network access can slow your network performance and disrupt your backup and recovery. Your backup may fail when you need it most. Worse, remediating malware during a recovery scenario may delay your ability to bring critical systems...

What are Managed Services and Why Should I Care?

A managed services provider (MSP) takes on the responsibility for a company’s technology and infrastructure by proactively providing a defined set of IT services for a fixed monthly fee. This approach is preferred by businesses over the traditional Break/Fix services delivered on an hourly rate when needed. By emphasizing high availability and reliability, Managed Services align the MSP’s business model with a company’s business objectives. In contrast, the break/fix model addresses problems when they occur. According to research firm MarketsandMarkets, the global managed‐services market will grow to $193B by 2019, at a Compound Annual Growth Rate (CAGR) of 12.5%. Information Technology as a Service According to the fifth annual Trends in Managed Service published by CompTIA, “The central tenet to the MSP model is a provider-customer relationship based on a contract backed by a service level agreement.” This approach provides IT services similar to other utility models.  Many Managed Service Providers (MSPs) rely on remote monitoring and management technologies to deliver a range of core IT services in a scalable and proactive manner. This approach streamlines the process for proactively identifying and resolving issues with IT infrastructure.   What to Expect from an MSP CompTIA research indicates it is common for a managed service provider to include desktop and network management, applications management, and remote help desk in their service level agreements (SLA). Security (including firewall management), server management, storage, network monitoring, Business Continuity/DR, Backup as a service (Cloud Backup), Email, and Virtual desktop are often available as managed services. Benefits of Managed Services The managed service approach is favored by business for a variety of reasons. Managed services...

Rethinking Wide Area Networking

There is a shift in how businesses use technology. New applications, including Voice over IP VoIP phone systems, Cloud Based Email, File Sync & Sharing all require solid network infrastructure. According to a recent report from the Enterprise Strategy Group, Demonstrating SD-WAN Business Value: Rethinking WAN for a Modern Age, distributed organizations with multiple Remote Office/Branch Office (ROBO) locations may need to reduce unnecessary deployment and management of network infrastructure. Elements of infrastructure, such as head-end devices or appliances at branches, can be replaced with simple appliances supported by Cloud-based services. Here is a highlight of ESG’s findings: Simplify your Wide Area Network Software Defined Wide Area Network (SD-WAN) technology can act as an enabler for Hybrid WAN technology by combining multiple transports, such as MPLS networks and business-class broadband networking. Managing your network can be streamlined by centralizing policy management, monitoring, and systems for troubleshooting. What’s more, reducing dependency on specific network suppliers and transport mechanisms results in the flexibility to find lower-cost alternates without compromising service levels. Minimize Operational Expense By using a zero-touch deployment model, companies can reduce truck rolls by remotely managing installation, configuration updates, and troubleshooting. Like Software as a Service (SaaS) works for application deployment, SD-WAN can remove the complexity of managing a Wide Area Network (WAN) for Remote Office/Branch Office (ROBO) environments. Reduce the Total Cost of Ownership (TCO) of Your Wide Area Network Implementing SD-WAN technology is expected to save costs related to bandwidth by providing more flexible networking options. In addition, by reducing the operating expense of service delivery related to installation, configuration, operations, and management additional costs will be...
Page 1 of 1612345...10...Last »