For small businesses that need support across the US, you need a managed service provider (MSP) with national coverage. You have several to choose from: Corporate Technologies, Thrive, Ntiva, Marco Technologies, and Electric, but which one is right for your business? Thrive, Ntiva, Marco Technologies, and Electric have centralized service, which might seem appealing until you need localized support. Corporate Technologies differs from its competitors by offering regionally staffed local support across 18 US locations and 20 US markets. This comparison guide for SMBs breaks down how service delivery, response times, pricing, and onsite support make Corporate Technologies stand out against the competition. Category Corporate Technologies Thrive Ntiva Marco Technologies Electric Local Presence 20 regional locations 25 locations in the US 16 regional locations Midwest and Northeast US New York Onsite Coverage Included in Total Advantage® (unlimited) No onsite support found but onsite data center design available Onsite at customer request Billed hourly Mostly remote support Response Times Depends on SLAs Depends on SLAs Depends on SLAs Depends on SLAs Depends on SLAs Help desk 24/7 support 24/7 support 24/7 support 24/7 support 24/7 support Field tech availability Onsite unlimited with Total Advantage Colocatoin services Monday-Friday dedicated support Depends on service plan None specified Pricing transparency Transparent per-user; no overage fees in higher tiers Depends on services Monthly per-user package based on 100 users Per user pricing Per user pricing Contract terms Flexible Flexible Flexible Flexible Flexible Industries served Several Several Several None specified None specified Regional specialization 20 US markets Several Several Physical security and copiers and printers None specified Security maturity Secure Advantage™—advanced multi-layer security Endpoint, incident response, monitoring, consulting Additional package with intrusion detection, monitoring, pen testing, email encryption General security for devices, network, and applications Basic endpoint, network, social, and data security Customer satisfaction indicators 5-stars on G2, 4.7 stars on Clutch and Google 4.5 on G2 No external source 4.3 on G2 3.7 on Capterra Who it’s best for SMBs with onsite regional support needs SMBs with data center infrastructure SMBs with at least 100 users SMBs focusing on documenting, phone and audio and visual Local NY SMBs or SMBs that don’t need onsite support Brief Comparison of MSP Services Each one of these MSPs have advantages and disadvantages. Here is a brief overview of each MSP: Local Onsite Support Remote support seems sufficient until you have an IT issue that can’t be resolved unless a technician repairs it. Corporate Technologies focuses on unlimited onsite support with its Total Advantage solution. All others in the comparison table have some form of onsite support, but it’s limited and comes at a high additional cost. MSPs charge for onsite support hourly unless you have it in your contract, so look at your contract before making a decision. Chances are that you will need it eventually, and unforeseen onsite support can spike your bill to thousands that you didn’t expect. To get local support, you need an MSP with a local presence. All but one MSP in the comparison table has several locations in the US with high field technician availability. You should check that the MSP has a regional office in your area. Without a regional office, you can’t get onsite support. Some MSPs will send consultants to your office for an extremely high price, so it’s better to choose a local MSP. Many of the large national MSPs offer remote support and onsite is limited. You might get onsite support at different times and at a large cost, but the MSP will only offer remote support unless onsite is absolutely necessary. Corporate Technologies will fly in contractors when you need it. Pricing Plans Only Corporate Technologies has an upfront pricing structure. The others have a per-user pricing plan, but most of the additional services come at a price. Additional pricing isn’t publicly available, so it could mean that your contract pricing is much higher than packaging everything into a single solution like Total Advantage. When you decide on an MSP, read the fine print to identify the services that you get. Some services to look for are onsite support, field technician availability, help desk support, cybersecurity solutions, monitoring and proactive infrastructure maintenance, and if the MSP supports your specific industry. Each MSP offers flexibility in their contract terms, but Corporate Technologies has unlimited onsite support with a wide range of services in Total Advantage. Corporate Technologies also reduces risks of monetary loss by offering a 60-day money-back guarantee. The money-back guarantee lets SMBs try out MSP solutions without making a commitment on long-term contracts. Try out IT management services and stick with Corporate Technologies if you’re happy with the service. Cybersecurity Services Most MSPs offer basic monitoring, but more advanced cyber-threats require more protection. Also, disaster recovery and backups turn a devastating data breach into a recoverable incident. If you aren’t a cybersecurity person, you don’t know the types of protection necessary to operate a business and block threats. Corporate Technologies offers Secure Advantage so that you get all necessary cybersecurity services including proactive monitoring, incident response, backups, disaster recovery, patch management, endpoint management, DNS filtering, email protection, compliance support, and ransomware protection. Other MSPs offer several cybersecurity services, but it’s unclear if they offer it packaged in a set pricing structure so that you can budget for it. The right cybersecurity service can mean days of downtime or only a few hours, so take this into consideration when choosing an MSP. Which MSP Model Fits Your Business? US small businesses have several MSPs to choose from. You should choose Corporate Technologies if you want: If you have other priorities, a national MSP might be a better option. Choose a national MSP with centralized service if you want: To find out what Corporate Technologies can do for your SMB, contact us. FAQs
Your IT infrastructure never sleeps, so it can fail in the middle of the night. You need a remote-ready IT environment to allow for quick support. Whether you have remote staff that need access to your applications while they are on the road or need to set up an environment where IT can support your infrastructure, you need the right technology plan. The Essential Pillars of a Remote-Ready IT Environment Today’s secure IT environment requires infrastructure that you likely don’t have already if you need to set up remote access. This means that you’ll need new equipment before your network is remote-ready. Each item in this list can be deployed by you or a managed service provider (MSP). When you look into MSPs, here is a list of items they will recommend: VPN, Zero-Trust, and Multifactor Authentication (MFA): A virtual private network (VPN) will secure data traveling over the internet, so your data is safe even if an employee works from a vulnerable location like public Wi-Fi. The Zero-Trust aspect of VPN is a methodology used to authenticate and verify users as they continue to request data from your internal servers. Finally, MFA reduces the chance of a data breach should an employee fall for phishing or social engineering where their network credentials could be disclosed. Managed endpoints: Every mobile device, laptop, and remote desktop is an endpoint. Endpoints must be secured and managed by IT staff. Your security policy details what users must have on their devices to connect remotely, but antimalware and remote data wiping are two must-haves. Antimalware applications stop attackers, and remote data wiping removes sensitive data should a user lose their device. Email security: Every organization is a target for cyber-criminals. Today’s largest data breaches start with a phishing email. Email security filters out suspicious links, spoofed email addresses, and messages with malicious attachments. Cloud application protection: Your cloud vendor has tools to protect data at the vendor’s location. Ensure that these applications are enabled to stop attackers from breaching cloud infrastructure. Backup and disaster recovery: Whether you keep backups on-premises or in the cloud, you need them in case of a disaster. For example, if ransomware affects your environment, the quickest way to avoid damage is to restore data from a backup. Backups are also useful for natural disasters like floods or fires. Business-grade Wi-Fi: Wi-Fi can be set up around the office to offer remote access for staff if they don’t have a desktop. You need a setup that offers speed for enterprise applications and security to protect from outsiders. What Breaks First When SMBs Go Remote Even with the best and finest hardware, things break. It could be from a misconfiguration or a bug in the hardware. In rare cases, hardware fails from a faulty component. Whatever the reason, you need to be prepared. Here are a few common failures: All of the above issues can be proactively addressed with the right IT controls and deployment. After some time, your VPN might need upgrades as your business grows and adds more users. Your MSP can monitor the VPN for any speed issues and handle upgrades before they impact productivity. Patch management handles any issues with security upgrades in your environment. Shadow IT is also a security concern. Your MSP should monitor the environment for any devices that aren’t authorized, and they can handle patch management to ensure that your infrastructure is up to date. Compliance controls necessary for your environment depend on your industry. A good MSP will help guide you on the right controls. For example, if you must be HIPAA compliant, then you need the right monitoring and audit controls. MSPs install these tools to ensure that you aren’t vulnerable to compliance violations. Step-by-Step Setup Checklist for Business Owners Before you engage an MSP, you might want to go over your current infrastructure to determine what you need. An MSP can help determine the right hardware and software for your business, but it doesn’t hurt to take a look at what you have and make a checklist of your own. With this checklist, you can then engage with an MSP that can deploy and configure each item. How Corporate Technologies Builds a Remote-Ready Workplace As a small business owner, you might be overwhelmed with all of the requirements for remote access to your environment. You can choose from several MSPs, but we offer local onsite IT help that competitors can’t offer. We have a remote help center, but our professionals are local to our clients as well. Cybersecurity is a primary concern. Once you open your environment to remote users, the network becomes a target for remote threats. Corporate Technologies deployed email filtering, a security operations center (SOC) that monitors the environment, endpoint protection, and backup procedures to keep your data safe from attackers and permanent damage. After we deploy your remote-ready workplace, we then offer continued protection and monitoring with: Why SMBs Need Local IT Support for Remote Work For many SMBs, technology concerns grow beyond what a local person can do, especially if they aren’t trained in IT. Corporate Technologies caters to small businesses with offices across the US. You need this support for full coverage of your environment. For example, if you suffer from a network outage or ISP interruption, a remote MSP can’t help. Corporate Technologies can remediate these types of issues with local technicians near you. A few other ways local IT support can help you: If your business is ready to take the next step towards remote access, see what Corporate Technologies can do for you. Contact us today. FAQs
When your internet connectivity fails, so does your business productivity. Your employees can’t reach cloud-based applications, email, phones, and any other critical internet dependent service. Productivity failure hurts your revenue, and it can cost millions for extensive downtime. Every component of your infrastructure should have a failover safety net, and this includes your internet connection. It’s not uncommon for small businesses to rely on a single internet service provider (ISP), but it’s a mistake. Your internet service might be stable for a while, but ISPs will often perform maintenance or upgrades without warning. ISP activities sometimes cut your service for several hours a day, or your service suffers from temporary degradation while the ISP performs its maintenance. Slow performance also harms productivity. In both these scenarios, you can overcome productivity loss with internet failover infrastructure. Before you decide on a failover design, you need a failover internet plan. What is an Internet Failover Plan? An internet failover plan is a document that decides what hardware you need to ensure that employees always have access to the internet, and what happens when your internet connection goes down. For most businesses, having a separate ISP is the answer to internet failover. In addition to having a second connection, having a secondary service type adds additional risk management. If your main connection is cable, then using a telecom provider avoids downtime if cable lines fail. You still need a trigger to cutover to your alternative source. The best method is to have an automatic switch, but you could leave it to a manual switch if you have full-time operational staff available for the cutover. Your router, firewall, and other infrastructure must be able to handle the cutover. The best way to ensure that all infrastructure will stay operational is to test it during off hours. You can simulate an internet failure scenario by cutting connection to your current ISP. Failover hardware should take over and allow a smooth transition. As an example, suppose that you live in an area where hurricanes are common. You might have cable internet for your normal internet connection, but you have a telecom like AT&T for failover. Cable might be down for days, but AT&T brings their infrastructure to service more quickly. The opposite could also occur. You would have two ISPs to limit your downtime after a major storm, which reduces your risk factors and eliminates a single source of failure. Why It Matters to SMBs? Small business owners might not even realize the importance of the internet for productivity. Internet connectivity is often taken for granted because it’s so common now in any industry. Take, for example, a law firm. Now, documents hosted on government websites are no longer available. Email messages from clients would no longer be available. Phones would not be operational, cutting all contact with colleagues and clients. Document editing and sharing would no longer be available whether you use Microsoft Office 365 or Google Workspace. Productivity for a small law firm would crash, and this is just one example. There are plenty of other industries that rely heavily on the internet. A loss in productivity translates to revenue loss in any industry. Small businesses don’t usually have the resources to estimate hourly revenue loss, but they still feel the impact just the same. Not only is productivity loss an issue, but once internet connectivity is back up, businesses must catch up and hope to avoid losing customers over the incident. Key Components of a Strong Failover Setup It’s better to have a reliable IT professional design your infrastructure, but here are a few items you can expect to add to your current infrastructure. After setup and configuration, you first need to test the infrastructure. Even after your first test, IT staff must annually test internet failover and any disaster recovery procedures. Disaster recovery testing often involves simulating an actual event like creating an environment where internet connectivity fails and then the alternative provider activates. IT staff must then test all critical resources to ensure that they are available. In addition to testing, IT staff should create a document that details every step necessary to deal with an internet outage. For example, the document highlights key stakeholders to contact, and who will manage any bugs if the cutover doesn’t happen smoothly. An email to users warning them of slower network performance might also be necessary. How Corporate Technologies Helps? You could upgrade network hardware yourself, but it requires a professional to configure infrastructure for optimum performance. Any mistakes could leave your internet failover design useless, which could in turn waste money and lose productivity when an outage occurs. For some small businesses with IT staff, the onsite staff might not have the experience to deploy failover and disaster recovery infrastructure. That’s where Corporate Technologies can help. We cater disaster recovery plans and designs to your business to ensure that productivity is always running at optimal levels even during outages. Professional IT providers deploy infrastructure, test it, and then monitor it 24/7 for any issues. Contact us to find out how Corporate Technologies can help you with disaster recovery and internet failover. FAQs
Nobody knows the importance of a stable system like an accountant during tax season. Imagine the fallout if an accounting firm loses access to the internet, Quickbooks, or their own infrastructure in April. Outside of tax season, accountants still need to be operational for their clients. To keep a stable environment, you need a cybersecurity strategy to stop data breaches, detect threats, and eradicate potential malware from delivering its payload. Here are a few ways accountants can protect their client data and have a smoother tax season safe from cyber attacks. Threat Protection from Ransomware Ransomware is the single most devastating attack to accountants and their client data. Accounting firms suffering from ransomware will experience much more downtime and potential blackmail that could last for months. Litigation from ransomware can last for years. As an example, the New York accounting firm Wojeski and Company suffered from a ransomware attack in 2023. Employees were unaware that the environment had ransomware on it until they were unable to access client files. Wojeski lost data for over 4700 clients including their social security numbers, which were stored unencrypted on the network. To make matters worse, Wojeski did not alert customers until a year later in November 2024, violating compliance requirements. Because of their lack of communication and compliance violations, the Attorney General fined Wojeski and additional $60,000 in fines. Their case settled in October 2025, making the process of dealing with ransomware a two-year battle. The attack started with a phishing email, which could have been blocked had the accounting firm had the right email filters in place. Cybersecurity for accounting firms should be a critical component of their environment, but it requires experts to know what systems to put into place. Your cybersecurity infrastructure should have multiple layers to stop threats. Threat prevention, detection, and email filtering are three solutions that could have helped Wojeski avoid a costly mistake. IT Support for Accountants Cybersecurity is one step in protecting your client information, but general IT support and maintenance are also necessary. It’s expensive for accountants to employ full-time IT support, especially when you need cybersecurity professionals as well. Managed service providers are a cost-effective alternative to keep your accounting firm within compliance regulations and help support accountants as they work with clients. Take, for example, tax time when accountants are at their busiest. Suppose that one accountant has an issue connecting to the network. Without the right staff onsite, it could be several hours –even days– before the accountant has a workable environment again. Lost days during tax season is unacceptible for both accountants and their clients. Using the same example, your accountants save themselves a lot of stress and downtime when they have dedicated help desk support. When an accountant runs into an issue with their laptop, the accountant can call the help desk to walk them through the problem. The problem could be as simple as a configuration change on their workstation, or it could be a network issue. When your accounting firm contracts with a managed service provider (MSP), a remote IT support specialist maintains the network environment to remediate the issue. Not only does an MSP cut down on accountant frustrations with IT infrastructure, but it also cuts the time necessary to get accountants back on track for productivity. Whether it’s a workstation issue, network hardware, infrastructure software, or a simple user education problem, a managed service provider can help. Downtime for accountants translates to money lost, so the investment into MSP support is a cost-savings solution. IT Hardware Maintenance At some point, you need scalable IT infrastructure to support increasing numbers of accountants and staff members. This process requires IT maintenance and hardware added to your current infrastructure. You might need additional software including cloud-based support for applications like Quickbooks. The wrong hardware can limit scalability and growth, so you need professionals to design, suggest and implement new IT solutions. In addition to scalable infrastructure, the network must be designed in a way that follows compliance requirements and protects data. For example, the financial side of an accounting firm should be secured from general HR or sales staff. This protection is done using segmentation, and other hardware might be necessary for data security. Network segmentation is not a general knowledge requirement, which shows the importance of having professionals scale your infrastructure. Small accounting firms going through a growth spurt in staff and clients will also need professionals to add to network hardware. Smaller network designs don’t support larger businesses, so the process often requires scaling with local hardware and cloud infrastructure. Poorly designed cloud infrastructure can be open to cyber-attacks, so it must be configured by someone who is familiar with cloud configurations, integration, cybersecurity, compliance, logging and monitoring, and automatic scaling. Where Can an Accounting Firm Get Started? The first step to securing your accounting firm is to take an audit of your system, gather stakeholder requirements, and understand the ways your business works. Professionals at Corporate Technologies can help you with these first steps. You need professionals who know the right questions, have the expertise to guide you through the process, and give you suggestions on what works for you and your budget. To avoid costly cybersecurity mistakes and to protect your accountants and clients, contact Corporate Technologies to find out how we can help you secure and scale your business. FAQs
IT monitoring isn’t only for tech companies. Manufacturers might focus on their machinery, but their networking equipment is equally important for smooth productivity. Servers control user permissions and access controls. Network equipment gives technicians remote access to machinery, and infrastructure for software control manufacturing activities. All these systems must be monitored to detect any issues before they impact production, and the right managed service provider (MSP) can help. Why Cybersecurity Monitoring is Important In Verizon’s Data Breach Investigations Report, cyber-threat intelligence researchers saw a stark increase in manufacturing targets between 2023 and 2024. Ransomware was the primary payload with 44% of data breaches involving ransomware in 2024. The most significant attack vector was the human element, meaning most attackers delivered their ransomware payload using phishing or social engineering to trick employees into taking action. A good example of this recent cybersecurity trend is in the September 2024 ransomware attack on Kawasaki Motors Europe. The attack came from a well-known ransomware group named RansomHub. As with any other ransomware attack, Kawasaki files were encrypted and held ransom. Instead of paying the cyber-criminals, Kawasaki declined. In retaliation, RansomHub leaked 487GB of stolen data. Operations were temporarily halted for a little over a week, which means the data breach affected the manufacturer’s productivity and likely cost them millions in the process. Manufacturers spend millions in monitoring systems and IoT for their machinery, but monitoring IT equipment is just as important. Most cyber-criminal groups target businesses where cybersecurity is commonly lacking. Even when businesses set up cybersecurity infrastructure, they often forget to integrate monitoring to ensure that threats are caught quickly. Intrusion detection and intrusion prevention are necessary to stop interruptions in manufacturing, supply chain, and protection of your manufactured product. Monitoring Infrastructure Health Cybersecurity isn’t the only reason to monitor your environment. The health of your infrastructure is also important to ensure that the environment continues to be productive. For example, if a server’s CPU is overheating, it could crash unexpectedly bringing down all users and workstations relying on it for productivity. Let’s say that you have a server in an environment a bit too hot for the equipment. The heat could slowly cause issues with your infrastructure hardware. Monitoring the environment for any unexpected errors including the internal heat of the CPU tells you that the environment needs cooling. If you don’t have monitoring systems in place to detect errors from heat, you could have servers that will eventually crash. Unexpected crashes lead to extensive downtime between troubleshooting and replacing any damaged hardware. Monitoring the environment also detects any strange behavior or errors in an application. Errors in an application present several issues. First, users are frustrated when they can’t use business software as intended. Second, application errors also cause issues with data integrity. When data isn’t processed properly, it can cause data corruption, errors with orders, mistakes in shipping and customer service, and any number of service problems. Resource Usage Monitoring Resource usage must also be monitored to prevent users from exhausting available infrastructure. For example, data storage eventually runs out, but you won’t know if there is nothing monitoring storage capacity. Monitoring resources also covers CPU usage, memory issues, or any other number of exhausted resources that impacts performance. Small performance issues might seem negligible at first, but accumulated performance degradation eventually impacts users and productivity. Slow applications slow down data processing, which slows down productivity like orders, shipping, customer service, financial activity, and any other number of employee actions reliant on your infrastructure. Servers aren’t the only infrastructure that needs monitoring. Other networking equipment must be monitored. Switches, routers, workstations, application servers, and cloud resources should be monitored for any anomalies. Cloud infrastructure often has native tools to monitor it, but you still need a reliable service provider to watch for alerts and respond to any critical notifications. The Cost of Downtime Monitoring for all the possible issues that could affect infrastructure lets your managed service provider remediate any problems before they cause downtime. Manufacturers know the value of uptime, but they often focus on their machinery without integrating infrastructure monitoring. Without monitoring, a manufacturer could suffer from downtime. Downtime is costly whether you have a small manufacturing plant or a large global business that supports customers around the world. Infrastructure downtime affects multiple locations, not just the location where the downtime occurs. Even for small manufacturers, the cost of downtime can be thousands of dollars an hour. For large manufacturers, the cost can be seven figures. Add more money to downtime costs when it involves a cybersecurity event. Cybersecurity events require mandatory downtime to contain the threat. After the threat is contained, a professional must investigate and save evidence for law enforcement. Then, eradication of the threat also requires professionals. Litigation, customer reparations, and brand damage also affect costs. For manufacturers, losing just one large customer impacts revenue long-term. All costs from downtime add up, and it can put small manufacturers into bankruptcy. Costs can be mitigated with proper monitoring. You can’t eliminate repairs to equipment or changes to the environment when they are necessary, but making changes before issues cause downtime can greatly reduce costs. Where to Get Started You don’t need more local staff to manage monitoring your environment. A good managed service provider can help you avoid any productivity downtime from infrastructure errors. Your MSP will install monitoring across all locations and respond to any cybersecurity incidents, repair damaged infrastructure, and configure applications to avoid errors. Find out if your environment could be at risk with a three-minute IT health check. To find out what Corporate Technologies can do for your manufacturing business, contact us. FAQs
Cybersecurity isn’t the sole responsibility of IT. Good cybersecurity is a collaborative effort between IT staff, managers, and employees. If you’re a manager overseeing multiple staff members, it’s your responsibility to ensure that your people understand corporate cybersecurity policies. Cybersecurity staff can set up policies and simulations to test human vulnerabilities, but they can’t enforce policies without your help. Here are a few ways you can help protect corporate assets within your department. Help Users with Phishing Detection It’s not a matter of “if” your company is targeted by phishing. It’s a matter of “when.” Your users should know what to look for when they read and respond to email messages. A good managed service provider (MSP) should offer email filtering to stop malicious messages, but it’s possible that the solution returns a false negative. In the unlikely event that an email slips through, users should know to ask questions rather than act without hesitation. Your MSP can perform phishing simulation attacks where users are flagged for interacting with a phishing email. As a manager, you can help guide your users through phishing identification. Here are some phishing red flags: While a good email filtering solution should block many of these messages, users are your last line of defense. Educating them on common phishing scams will empower them to recognize a phishing email from a legitimate message. Practice Password Protection Users with elevated permissions are more valuable to cyber-criminals, but attackers also target low-privileged users and launch lateral moves to elevate their privileges using a series of phishing and malicious executables. Keeping credentials private ties in with avoiding a phishing attack, but users should also avoid malicious websites, use cryptographically secure passwords, and rotate their passwords regularly. IT staff can force users to change their passwords every month or two, and they can force users to create a cryptographically secure password, but they can’t stop users from entering their credentials on malicious websites, especially if users do it on their personal computers. As a manager, you can train your employees to be wary about entering sensitive data into unknown sites. A good example is phishing pages made to look like SSO (single sign-on) pages. For example, suppose your organization uses Google Workspace as its provider, and users authenticate using a Google login page. Scammers use pages that look like the standard Google login prompt to trick users into entering their credentials. If you don’t have two-factor authentication (2FA) enabled, users have just given cyber-criminals access to their corporate account. Users should be encouraged to look at the domain before entering credentials. Phishing domains often have the official brand in the name with added words or letters to make it look official, or they own a domain with a slight misspelling. Instead of clicking links and authenticating, type the official domain in your browser and authenticate there. Here are a few protection steps users can follow: Be Suspicious of Calls Asking for Money or Credentials Along with phishing, social engineering is also an effective way for cyber-criminals to steal data or money. Social engineering is paired with phishing in more sophisticated attacks. Users might first receive an email and then a followup call to get an immediate response. These sophisticated attacks often ask for money transfers, so they target financial employees. Users should stop and verify rather than allow the caller to rush them into making any rash decisions. As a manager, you can train your employees to follow procedures regardless of the caller’s urgency. With AI, employees should also be aware that callers could use AI to sound like someone familiar, like the CEO or an employee’s boss. Train your employees to always ask and verify, especially when the caller is making an unusual request. Suggested Read: What is Hashing In Cybersecurity? Leave Unknown USB Devices Alone Here is a tip many experts forget to tell employees – don’t insert unknown USB flash drives into a corporate computer. Starting around 2023, cyber-criminals began increasing their use of USB drives and building malware specific for flash drives. Criminals might place the USB drive in a place commonly frequented by your employees or somewhere next to your office building. When the employee inserts the USB into their computer, the malware is programmed to automatically load. By this time, it’s too late unless you have great antivirus software that catches it. Antivirus can’t catch every attack, so it’s possible that the malware executes and delivers its payload. The payload could be a trojan, a rootkit, ransomware, or any number of malicious payloads. As a manager, you should also be aware of the dangers of malicious flash drives. Don’t put them in office workstations. If one is found onsite, ask IT to look into it or wait for someone in security to analyze it. Direct Cybersecurity Questions to Professionals If you’re the manager of a small business, it can be hard to deal with IT concerns as well as handle your own work-related productivity. Instead of handling cybersecurity, a managed service provider will take care of the IT helpdesk, employee questions, cybersecurity infrastructure, and protecting your data. You still need to help educate employees, but an MSP can also help with the right education tools, simulations, and documentation. If managing cybersecurity is getting too overwhelming for you, see what Corporate Technologies can do to lessen your workload and bring your business to where it needs to be. Contact us today. FAQs Download the Cybersecurity & Managed IT Services case study for an HVAC & Plumbing Contractor (PDF)
At some point, your law firm will have IT questions, whether it’s because of a workstation error or some kind of connectivity issue to the internet. One of the most beneficial ways you can save productivity time is by contracting with a managed help desk to help your users get quick access to answers to their IT problems. The dedicated help desk also saves time for your local onsite support, especially if you’re a small law firm relying on another staff member to answer questions. Why Downtime is So Costly for Law Firms Without access to critical systems, your law firm could lose thousands every hour. One attorney might charge $500 per hour and up to $1,000 per hour (realistically, attorneys charge anywhere from $150 to $1,000 per hour). Attorney rates vary, especially by state, but some technical downtime affects the entire office, putting multiple costly attorneys in a place where they can no longer work on their cases. Let’s say you have only 5 attorneys working at $500 per hour. The downtime would be $2,500 per hour, and a daily loss of $20,000 (assuming 8 hours of productivity). The cost of lost productivity is significant for small law firms and even more devastating to revenue for large law firms. Most case management and government applications work in the cloud, so you need internet connectivity and a working internal environment to stay productive. Having a help desk and managed service provider for any IT issue will lower the risks of downtime. When you only have a few attorneys on staff, it might seem insignificant, but as you grow to 10, 20, or 100 staff members, stable environments are a must. Large law firms could lose up to seven figures a day in downtime with enough staff left unable to manage their clients and cases. What a Managed Help Desk Provides Instead of relying on another attorney to answer IT questions and struggling to resume productivity, a managed help desk provides you with dedicated support professionals with experience in common IT issues. Even the simplest of issues can be overwhelming for someone inexperienced with infrastructure and help desk support alleviates this stress. For example, suppose that your entire office loses connectivity to the internet. Your ISP tells you that the downtime is not coming from their end. ISP support will only manage the router from your office to the ISP, so you need to figure out why the network is down. In many cases, this could be a Wi-Fi router issue or a damaged internal switch. A simple reboot could fix the problem, or you might need to reconfigure the router for better connectivity strength. Instead of relying on someone to take hours to figure out the problem, an experienced help desk person can more quickly identify the issue and walk you through configurations, saving time on recovery. A few benefits you get with managed IT services: How Managed IT Services Ensure Case Management Software Runs Smoothly Managed IT services are more than putting out fires. They also help you stay proactive with your hardware and software. For example, keeping your software updated and installing antivirus software on all staff devices is a proactive way to avoid data breaches and malware. Both these tasks take time from normal productivity and often require a dedicated IT staff for larger law firms. A managed service provider –including help desk services– performs these tasks in collaboration with your onsite staff to keep your case management software working smoothly. Your managed service provider also has service level agreements (SLAs) that they must adhere to. The number of hours –sometimes minutes– for a response depends on the severity of the issue. For example, if your whole office can’t access the internet and can’t work, this might be a tier 1 severity, meaning a response is necessary within 30 minutes (for example). The provider will then give you an estimated time of resolution, which would be a priority for them. A lower-level severity that does not interfere with productivity would have a longer timeframe for contact and recovery. SLAs are invaluable to any law firm that needs dedicated support for any critical downtime to limit monetary damage and revenue loss. Predictable Costs and Scalability of a Managed Help Desk As with most businesses, the idea of having a managed help desk might sound like an unnecessary expense. Good managed service providers will give you estimated costs so that IT support stays within your budget. Costs are often calculated per seat and the nature of your environment. This gives you a set flat-rate cost to include in your budget, and businesses can scale IT costs as the law firm grows. Corporate Technologies makes it easy for you to determine costs. You can use our managed IT services calculator to estimate your monthly IT budget. You aren’t limited to remote support either. You can add on-site IT support if you’re limited on staff and need someone to help scale infrastructure or prefer a hands-on approach to support. Knowing your future IT costs is essential for budgeting, and any good managed service provider will mold a contract to fit your budget, expectations, and scalability. Also Read: Cybersecurity Policies for Small Businesses To determine if having an outsourced IT help desk is worth it, ask yourself these questions: How Can You Get Started with a Reliable Managed Help Desk? If you answered yes to any of the above questions, you should be looking for IT support. Local staff is expensive, and each IT professional has their own set of skills and experience. With a managed service provider, you get several professionals with experience in several different fields to help support your law firm. To find out how Corporate Technologies can help you, contact us today. FAQs
Even if you don’t consider yourself a target, small businesses should always have a cybersecurity policy in place. It’s common for small businesses to think that they’re too small to be targets, but they are actually primary targets for cyber-criminals. Many of today’s sophisticated attacks involve coordinated groups of hackers that know small businesses don’t have the staff or resources to stop them. Small businesses can fight back, though, with some basic cybersecurity policies to lower their risks of being the next data breach victim. Authorized Access to Data Only If It’s Necessary It’s easy to grant every employee access to everything to avoid hassles, but this gives an attacker with stolen credentials unfettered access to all your systems without any barriers. Once an attacker gains access to credentials or tricks an employee into installing malware on their local machine, the attacker can then laterally move throughout the network, stealing data without security obstacles. You can minimize a data breach by giving employees access to only the data necessary to perform their job functions. This approach is called the “principle of least privilege,” and it’s recommended by the National Institute of Standards and Technology (NIST). Let’s say an attacker does steal credentials from an employee, but you’ve followed the privilege of least principle. An attacker would be limited to only the data authorized with the stolen credentials. This strategy does not stop an attacker entirely, but it limits damage. It’s important to note that attackers will likely try to elevate privileges using a variety of exploits and phishing via impersonation, but this creates a hurdle for them. Cybersecurity is built in layers, and limiting data access is one layer of many. A few ways you can better manage user accounts: Disable Unused Accounts After an Employee Leaves Let’s say that you have a system available for employees over the internet. They must authenticate with their business credentials. You might already have two-factor authentication (2FA) installed. These security provisions are rendered useless if you don’t disable accounts when an employee is no longer employed. This lack of action leaves your organization vulnerable to insider threats, which are even more difficult to detect since the ex-employee is using valid credentials. You probably need to retrieve email and data from the ex-employee’s account, so the proper way to manage this risk is to disable the account, not delete it. Disabling the account stops the ex-employee from authenticating in your systems, but it gives you time to collect data and retrieve old email messages to hand off to the next person in charge. You can disable the account yourself or have your IT staff disable it, but you’ll need to do it immediately to minimize risks. A few ways you can ensure account closures: Require Antivirus on All Devices Connected to the Network You might allow employees to connect to the network from their own devices. For example, they might connect to Wi-Fi from their smartphones to make calls or access the internet. Employee laptops might be used to connect to the network and take work home with them. While these are excellent ways to boost productivity, they also open up vulnerabilities and increase your attack surface. Should an attacker gain access to an employee’s personal device, the malware installed could then access your network data. Part of your bring-your-own-device (BYOD) policy should be the requirement of antivirus. Antivirus policies should extend to local business devices, also, but small business owners often forget about the threats that might come with personal device connections. Ensure that users have antivirus on mobile devices, and take it a step further by ensuring that any software installed on their devices has the latest security patches. Daily Backups of Data The most secure environments still have their own incidents (Incident Response Plan), but backups reduce the permanent damage done from malware and give you quicker recovery routes. Backups also need to be in a secure environment, and you should follow the 3-2-1 rule to avoid failures. The 3-2-1 rule states: To explain this better, suppose that you have a copy of all the files on drive E. Every night, you make a backup of drive E and store it to a NAS (Network Attached Storage). You should also store a copy on another disk, or if the backups are too large, use cloud storage. The cloud storage route would cover the last rule, which states that a copy should be off-site. The off-site copy is intended for catastrophes like fire or flooding at your office. Having multiple copies also avoids issues with corruption of one copy or should one of your backup disks fail. If one copy is corrupted, you can always restore data from one of the others. Also read: Signs Your Business Has Outgrown Break-Fix IT Email Security Phishing has long been a primary attack vector. The types of phishing attacks are too many for this article, but they come in several forms: You can train employees to recognize the signs, but it still leaves you open to human error. Employee security training is beneficial, but it should be a secondary security layer to email filters. Email filters block suspicious emails that come from known phishing and spam domains. More advanced filters use a combination of artificial intelligence, machine learning, and threat intelligence. Your email provider should have security installed, or you can ask your managed service provider (MSP) to install it for you. Chances are that email security is included with your MSP offer. Case Study: Cybersecurity & Managed IT Services for HVAC & Plumbing Co Managed Service Providers Help with All These Policies and More These top 5 cybersecurity policies are but a few of the layers of protection you should implement. The entire world of cybersecurity is a game of cat-and-mouse, so it can be difficult for a business owner to keep up with the changes. One day you’re protected, and the next day your business software has a known vulnerability, leaving you
Small businesses can usually get by with just a “fix it when it breaks” mentality, but scalable IT infrastructure requires a proactive approach. You need hardware capable of handling busy seasons, and you need software that allows for employee productivity without being a hindrance. If both these things are constantly breaking, it’s time to consider a professional approach to your IT. Professional buildouts might have a higher cost upfront, but the savings from productivity loss, angry customers, delays, and downtime are much bigger in the long run. Here are some signs that it’s time to seek out a provider that can help manage, update, scale, and monitor your critical applications. Excessive Downtime Impacts Productivity “Excessive” is relative, but you know when your IT infrastructure fails too much. If your employees have to ask for help for the same issue several times a week, it likely impacts their productivity. Let’s say that Wi-Fi constantly goes down, and you reboot the router to fix the problem. It’s a simple fix, but rebooting a router brings all devices down, including any software or hardware that continually connects to the internet. An IT issue that continually happens with a simple fix but one that interferes with productivity is never the answer. The answer is to figure out the root cause of the problem and have it professionally remediated. Remediation could be anything like: Added Infrastructure is Hacked Together Instead of Meticulously Designed Let’s say you have a small business and host all your hardware on-premise. Do you add the server in a random room with wireless connectivity to a Wi-Fi router? Some businesses even put servers in the lunchroom! It’s a quick fix to solve a scalability problem, but as you can imagine, it’s not a permanent yet alone an optimized solution. A random room leaves hardware open to theft or accidental damage. You might use cloud computing, but even cloud technology can be deployed in a way that doesn’t optimize resources or IT costs. Deploying any valuable resource requires planning, even if the planning is a simple layout to determine physical location of the server and how it will be monitored. In many of these scenarios, the server is improperly configured and isn’t monitored for threats. Computer hardware also requires optimal temperatures, ideally between 65F and 70F, so leaving equipment in a random room can reduce its life expectancy. A few issues you might run into: Keeping IT Compliant is Beyond Your Skillset Compliance should always be a consideration when building an IT environment, but it takes a professional to know how to do it. An inexperienced person could easily miss a configuration or miss important components in an IT design. Some compliance regulations require software setup, like monitoring of the environment or auditing records every time a user accesses them. Regulations are especially strict around personally identifiable information (PII), financial data, and healthcare records. For example, a violation of PCI-DSS –regulations overseeing payment information– can cost $5000 to $100,000 in fines depending on your business and the severity of the violation. An SMB could be put out of business if they suffer from a data breach. Compliance is a huge topic that often requires a professional, but here are a few common requirements you might need help with: You Need Additional Infrastructure to Scale, But Don’t Know What to Deploy When you only have a few people on desktop computers, you might be able to set up an environment yourself. When you get bigger and need more desktops, servers, software, and cybersecurity, it gets much more difficult to manage unless you have experience in IT. It can also limit your ability to scale your infrastructure as your business grows. In IT the saying “you don’t know what you don’t know” is true. You might think you have everything configured with cybersecurity in place, but it’s common for businesses to overlook vulnerabilities. It only takes once for a data breach to cost six or seven figures in litigation, incident response, reputation loss, and compliance violations. A common thought is that an SMB isn’t big enough to be a target, and that’s not true. As a matter of fact, cyber-criminals prefer SMBs for the lack of advanced cybersecurity protections. As you grow, you need software to make your business more productive. Professionals can steer you in the right direction. Here are a few reasons you might need a professional as your business grows: Unnecessary IT Spending When you don’t have professionals deploying infrastructure, you might have unnecessary spending. Optimizing your costs is another area where IT professionals can save you money and frustrations. For example, you might have cloud infrastructure that costs more than you need to spend. It’s common for businesses to have unused IT in the cloud that can be retired. Legacy cloud infrastructure can also cost more than using newer technologies. For SMBs, optimizing costs can be a huge benefit. It’s possible to save thousands in unnecessary spending, especially if you’re unfamiliar with cloud computing. Here are a few more ways professionals can help with IT costs: Where to Go From Here? If you find yourself overwhelmed with IT support or continue to have problems with your infrastructure, it’s time to consider a professional managed IT service provider. A professional MSP like Corporate Technologies can create a secure, scalable IT environment that won’t inhibit your productivity. To get started with your IT infrastructure, contact us today.
Every growing small business goes through IT struggles eventually. If you don’t have the right people and infrastructure in place, your software and hardware could be a bottleneck for business productivity. For many small businesses, this means it’s time to search for professionals to evaluate what you have now and determine what you need to scale for the future. It takes a lot of time and money to change infrastructure, so you need professionals who can architect a design that not only provides current support but also gives you the ability to scale as your business grows. If you search for IT support, you’ll find several managed service providers (MSPs) offering all types of bundles, plans, and subscriptions. Small businesses unfamiliar with the IT landscape can soon be overwhelmed by options. We put together 10 questions you should ask an MSP before you sign a contract. Some questions might be obvious (e.g., “What services do you offer?” or “How much is the cost?”), so we put together questions that you might not have already thought of. 1. What is Your Service Level Agreement? A Service Level Agreement (SLA) is a promise to respond and remediate issues within a set amount of time. Usually, a response is set based on the type of issue, and issues are categorized by severity. For example, an outage of critical infrastructure might be a tier 1 and have an SLA of 15 minutes response time with a small window for remediation, promising to get your business productive in the least amount of time. A lower-priority issue might have a longer response time, with several days for the MSP to remediate. 2. Do You Support Patch Maintenance Patch maintenance keeps all your software and firmware (software for your hardware) up to date. Outdated infrastructure leaves you open to known vulnerabilities, and it can be a source of serious data breaches. For example, the infamous Equifax data breach, where private information for 148 million Americans was stolen, stemmed from outdated software. Servers were breached after a known vulnerability remained unpatched for only a couple of months after the vulnerability was made public. You need software updated, especially if it’s a patch for a security vulnerability. 3. Do You Follow Compliance Regulations? If you have a business under compliance regulations (e.g., HIPAA, FINRA, CCPA, SOX, PCI-DSS), it’s critical that you hire an MSP with a firm grasp of requirements. Infrastructure must be configured and deployed in certain ways to avoid hefty fines. Your MSP will guide you in the right direction. For example, healthcare data must be stored in encrypted form even on mobile devices, so you need an MSP that can configure your hardware to ensure that you follow HIPAA compliance. 4. What Hours is Tech Support Available? You might think that you won’t need support during closed business hours, but what if your website suffers an outage in the middle of the night? What happens if a server fails, and that server is necessary for productivity in the morning? You need a help desk line to call. Ask an MSP what kind of off-hours support they offer, including holidays and weekends. 5. What Kind of Incident Response Do You Offer? Incident response is the process of detection, containment, and eradication of a threat. The faster your incident response, the less damage a threat can do to your data. Incident response is a crucial step in dealing with a data breach, so make sure you have an MSP educated and experienced in protecting your data. They might also offer a collection of evidence if you need to report the incident to law enforcement. 6. Do You Offer Disaster Recovery? Disaster recovery is a step in incident response. It’s the last step after a threat is eradicated from your network. After a threat is eradicated, you need a professional to restore your data and infrastructure to operational status. MSPs will create a disaster recovery plan and help restore data after an incident. You want an MSP that can ensure the lowest amount of downtime with as little data loss as possible so that you can return to productivity. Disaster recovery services often include backup, so ask the vendor what types of backups they perform to safeguard your data. 7. Do You Offer Security Awareness Training to Staff? Phishing and social engineering are primary attack vectors for cyber-criminals. They’re incredibly effective on unaware employees. Not every MSP offers security awareness training, but you should ask if they do and take advantage of the offer. Cybersecurity training is one way to lower human error and email-based data breaches, including ransomware. 8. Does Your Service Include Monitoring and Detection? How do you know your network is compromised if you don’t have monitoring in place? Some compliance regulations require you to have monitoring installed. An MSP should have monitoring included with their cybersecurity to reduce the amount of time a threat can persist in your business environment. Monitoring might also include the detection of failed hardware or hardware that might not be configured properly. Ask an MSP what type of monitoring is included with your coverage. 9. Am I Tied to Any Vendor with Your Infrastructure Deployment? It’s possible that an MSP might set up a cloud-based environment for you. You should know if you’re being tied to any particular vendor. Most corporations are tied to a vendor, but should you take over support for the cloud environment, you need to know if it’s AWS, Azure, Google Cloud or another vendor. If you want to change vendors, it could be difficult to switch especially if you’re integrated with proprietary cloud applications. Ask the vendor which cloud provider will be set up so that you are familiar with their applications. Also, a cloud vendor has their own SLAs that you can review. 10. Does Service Include Onsite Management? Most IT-specific service can be done remotely, but some MSPs offer onsite service too. If you have local hardware, an MSP might offer onsite
- 1
- 2