Managed IT Services Blog

Businesses that lack adequate data security are exceptionally vulnerable to cyberattacks. They’re also are more likely to experience problems associated with mismanaged, unorganized, and insecure data. If you don’t have an IT security plan in the modern age, you’re exposing your business to unnecessary risk and liability. A comprehensive IT security strategy can help you protect your business, your customers, your data, your viability, and your integrity. We’ve laid out three essential components of an IT security roadmap to help you protect your company and plan for the future.

Two Factor Authentication (2FA) or Multi-factor Authentication (MFA) is the most common preventative measure that companies and organizations implement as an additional layer of security to the standard username and password login credentials on a website or application. Taking a half-step back, 2FA/MFA can be described as something you know and something you have. 2FA/MFA is currently used on almost every application, from banking websites to SaaS services to video games

From a Microsoft Azure Active Directory perspective, there are two approaches to MFA:

1. A laser accurate approach specific to the application in the Azure blade using conditional access

2. A global approach managed through the “Multi-factor authentication” page via Office 365

While every year brings new challenges for CIOs, CTOs, IT teams, and businesses overall in the expanding digital landscape, there are also countless opportunities to learn how to overcome those challenges with new technology and approaches. With the numerous Boston technology conferences available, businesses can learn more about the industry and opportunities from experts, peers, and specialists.  

In a recent HFS/Accenture Study of 460 enterprise operational executives from across the globe, 96 percent of respondents said predictive decisions based on real-time data are the biggest drivers impacting business. This sample is a clear indication of the impact of operational intelligence in a data-driven world.

Businesses today are built around information technologies that drive strategy and operations. Consequently, IT has had to evolve from reactive to proactive by leveraging operational information via real-time data monitoring and management systems.

As data with enterprises and in the cloud grows exponentially, organizations continue to look for ways to harness it and glean diverse insights to help meet business goals. While there are numerous tools for managing and monitoring data, few can provide a universal approach across all data sources, both on-premise and in the cloud.

As organizations have moved more and more critical applications, workloads and services to the cloud, I am often asked by clients to help them review their overall cloud strategy and architecture from a best practices and security point of view.

As we're several years into this cloud migration for most organizations, a lot of things have changed regarding how they leverage the cloud, the type of applications and services they need to be able to provide and how they control and monitor access to resources. No two organizations are exactly the same, but more often than not, the underlying fundamentals are consistent across organizations.

The definition of “shelfware” from TechTarget:

“Slang for software that a company buys because of a perceived need or demand but never uses; hence, it sits on the shelf.”

This definition should be expanded to include software that was purchased for a legitimate need, implemented to serve that need, and then allowed to stagnate until it’s no longer used or useful. There are many reasons why this stagnation happens:

Password complexity has been touted for some time to prevent identity theft. Especially in an Active Directory environment. Typical password complexity rules in Active Directory are:

• Uppercase characters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters)
• Lowercase characters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters)
• Base 10 digits (0 through 9)
• Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
• Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This includes Unicode characters from Asian languages.