Most companies have their super power, the secret sauce, their trade secret.
The managed services provider (MSP) industry is no different.
The secret sauce in the MSP industry is the process. Specifically the alignment and the CIO process. Many companies have these rolls (one of the 5 roles in any MSP business) but that’s not what makes a company unique. It’s the steps in each role that differentiate the 10 minutes MSPs from world class. What makes your business world class?
This monthly publication provided courtesy of Nadeem Azhar, Owner of PC.Solutions.Net
Our Mission: To build a community of successful-minded entrepreneurs that inspires excellence, encourages collaboration and expands the capacity of all members to achieve great things.
Don’t Let Your Employees Become Your Biggest Vulnerability
A couple years ago, TechRepublic ran a story with the following headline: “Employees Are Almost As Dangerous To Business As Hackers And Cybercriminals.” From the perspective of the business, you might think that’s simply inaccurate. Your company strives to hire the best people it can find – people who are good at their jobs and would never dream of putting their own employer at risk.
And yet, many employees do, and it’s almost always unintentional. Your employees aren’t thinking of ways to compromise your network or trying to put malware or ransomware on company computers, but it happens. One Kaspersky study found that 52% of businesses recognize that their employees are “their biggest weakness in IT security.”
Where does this weakness come from? It stems from several different things and varies from business to business,
but a big chunk of it comes down to employee behavior.
We all make mistakes. Unfortunately, some mistakes can have serious consequences. Here’s an example: an employee receives an e-mail from their boss. The boss wants the employee to buy several gift cards and then send the gift card codes to them as soon as possible. The message may say, “I trust you with this,” and work to build urgency within the employee.
The problem is that it’s fake. A scammer is using an e-mail address similar to what the manager, supervisor or other company leader might use. It’s a phishing scam, and it works. While it doesn’t necessarily compromise your IT security internally, it showcases gaps in employee knowledge.
Another common example, also through e-mail, is for cybercriminals to send files or links that install malware on company computers. The criminals once again disguise the e-mail as a legitimate message from someone within the company, a vendor, a bank or another company the employee may be familiar with.
It’s that familiarity that can trip up employees. All criminals have to do is add a sense of urgency, and the employee may click the link without giving more thought.
This happens when an employee clicks a link without thinking. It could be because the employee doesn’t have training to identify fraudulent e-mails or the company might not have a comprehensive IT security policy in place.
Another form of carelessness is unsafe browsing habits. When employees browse the web, whether it’s for research or anything related to their job or for personal use, they should always do so in the safest way possible. Tell
“One Kaspersky study found that 52% of businesses recognize that their employees are ‘their biggest weakness in IT security.'”
employees to avoid navigating to “bad” websites and to not click any link they can’t verify (such as ads).
Bad websites are fairly subjective, but one thing any web user should look for is “https” at the beginning of any web address. The “s” tells you the site is secure. If that “s” is not there, the website lacks proper security. If you input sensitive data into that website, such as your name, e-mail address, contact information or financial information, you cannot verify the security of that information and it may end up in the hands of cybercriminals.
Another example of carelessness is poor password management. It’s common for people to use simple passwords and to use the same passwords across multiple websites. If your employees are doing this, it can put your business at a huge risk. If hackers get ahold of any of those passwords, who knows what they might be able to access. A strict password policy is a must for every business.
Turn Weakness Into Strength
The best way to overcome the human weakness in your IT security is education. An IT security policy is a good start, but it must be enforced and understood. Employees need to know what behaviors are unacceptable, but they also need to be aware of the threats that exist. They need resources they can count on as threats arise so they may be dealt with properly. Working with an MSP or IT services firm may be the answer – they can help you lay the foundation to turn this weakness into a strength.
FREE Report: 12 Little-Known Facts Every Business Owner Must Know About Data Backup And Disaster Recovery
You will learn:
– The only way to know for SURE your data can be recovered if lost, corrupted or deleted – yet fewer than 10% of businesses have this in place
– Seven things you should absolutely demand from any off-site backup service
– Where many backups fail and give you a false sense of security
– The #1 cause of data loss that businesses don’t even think about until their data is erased
Claim your FREE copy today at
Spiral of Death
There is usually a right way to do something and many wrong ways to do it. Same is true for IT industry. I talk to business owners all the time in SMB space and many of them have their own IT departments or at least IT admins. The common theme is that the IT admin is an expense, that role is always busy putting out fires, taking care of support tickets and there is never time to focus on and think about strategic initiatives. The issue here is, without focusing on strategic initiatives you’ll never break out of the support spiral of death and that’s why many IT departments are caught up in it in the first place.
What differentiates a world class IT provider from the rest is the process, the secret sauce, the super power of having controls and checks in place to do the things that lower support ticket volume and in the long term reduce downtime and support issues. It’s almost like replacing a workstation that is already dead vs replacing a workstation that’s not dead but has reached end of life. It’s always going to be faster and cheaper to replace a workstation before it’s completely dead!