Posts

A business owner thinking about choosing a Managed IT Service Provider

5 Mistakes When Choosing a Managed IT Service Provider

What is The Role Of A Managed IT Service Provider

One of the biggest misconceptions about working with a managed IT services company is the idea that you have to replace your IT department.

However, that couldn’t be farther from the truth. Managed Services companies are usually brought in to augment and assist existing IT personnel.

Small and medium sized businesses often hire a managed IT services company to provide the same support they would have with an advanced IT department at a lower cost.

Co-managed IT services are options as well. Co-management services are for businesses that already have an IT department but want to improve upon it while taking advantage of the cost savings and structure of an MSP.

The benefits of a managed services company are numerous. For one thing, they handle application and network security issues while lightning the workload for I.T. departments.

Every business wants to grow, but growing too fast comes with its burdens as well. Rapid, exponential growth could start putting a strain on your resources and time. IT is no exception.

But, should you make the decision of hiring a managed IT services company, you have to know what to look for.

Unfortunately, business owners fail to consider some very important factors when choosing an MSP that is right for them.

Here are 5 BIG mistakes businesses make when hiring an MSP and how to avoid them.

1) Letting Managed IT Services Handle ALL of your Problems

Outsourcing all of regular applications and security to an MSP doesn’t rid you of responsibility. It’s still very important that you develop a strategy alongside your IT department and review it with the Managed services provider.

Businesses have to stay in the know when it comes to IT solutions and requirements. An MSP might know your industry well, but only you know your company.

As a business owner you need to discuss compliance, security, infrastructure and strategy regularly and frequently. This ensures the MSP is doing their jobs according to your business goals and complimenting them.

2) Relinquishing Control

Some providers gain popularity simply because they are large. But that doesn’t make them right for your business. Especially since they are so large that establishing a point of contact is nearly impossible.

This is a big problem among large public cloud providers. Public cloud providers have so many clients that they don’t have the time to cater to a individual client’s needs. It devolves into a tenant/landlord relationship rather than a partnership.

You are sharing their services with other businesses and they don’t have time to review your concerns. There are even cases where support is sold separately from the cloud service.

At the end of the day an MSP is an extension of your business, not a business unto itself. They are there to consult and contribute but not control. Choose a provider that is transparent and easy to access.

Which leads me to mistake number three.

3) Choosing a provider that is indifferent about response time.

Downtime is a significant issue for all businesses. However, not all MSP’s act accordingly when it comes it comes to downtime.

Choosing a provider that fails to properly respond to down time is particularly horrible because it can be frustrating, agonizing and terrifying.

Imagine your business goes down and not only is the response time slow, but support is nearly unreachable. The average response time for a large MSP is 5.5 hours. They often market themselves in a way that de-emphasizes their response time in favor of their durable network and security. But, that’s just a trick.

A great MSP has multiple alert systems and responds to downtime in twelve minutes or less. Anything beyond that is negligence. It doesn’t matter how popular, “efficient” or “secure” an MSP is when during an outage or downtime they’re nowhere to be found.

54 percent of companies experienced a downtime event that lasted more than eight hours. That means over half of all companies, regardless of size, experience downtime of over a full work day. Furthermore, that could lead to massive hits in profit and revenue.

According to a Ponemon Institute Study, the average cost of an outage is $9,000 per minute. Let that sink in. Eight hours, sixty minutes an hour, $9,000 per minute. Let that sink in.

4) Thinking all MSP’s are Essentially the same

All MSP’s are different. Managed IT Services companies have resources and tools that suite different companies. Don’t assume that all MSP’s offer the same services or have the same expertise.

For example, Nerds Support works with many financial services companies and CPA’s. As a result, we put a heavy emphasis on cloud compliance and regulations. Financial firms are heavily regulated due to the sensitive information they work with on a regular basis. So whatever MSP a financial firm hires has to closely follow those same regulatory guidelines.

To achieve compliance we had to undergo SOC I and SOC II audits to ensure our clients felt secure relying on us with securing their data and systems.

You have to make sure you ask any potential MSP the right questions. If you want to know exactly what questions to ask a prospective MSP, check out our e-guide “22 Questions for your IT Department”.

5) Misunderstanding Service Level Agreements

The contract between a company and a Managed IT services provider is called a Service Level Agreement, or SLA. Make sure that the contract and the agreement are clear that all relevant staff knows the ins and outs.

That includes where and when these services are available, where their servers are located, how to contact support and what is covered in the terms of billing.

The MSP should provide you with a non-disclose agreement that needs to be signed before the provider gains access to your company’s confidential data.

There should also be an understanding of how to report and analyze resources and services. If something isn’t working to your expectations, know how to report it and who to report to.

An accounting firm considering to accept cloud technology.

Why CPA’s Need Cloud Services To Survive

Cloud Services For Accountants is More Important Than Ever

As a CPA firm you’re going to have to adjust to this new remote reality. No one expected the lock-down, however firms that operated on the cloud had an advantage over those who hadn’t yet or only did so partially.

Many accounting firms learned to understand how the right technology could help them access and review financial information, create reports, manage accounts and more.

There is no telling how or when businesses will open up. Moreover, reopening A CPA firm to its full capacity requires much more than opening the doors, turning the lights on and wiping off the dust from your desk.

It is a gradual process that will require much planning and the transition itself will depend on many factors.

That is why cloud technology has become so pivotal in the last few months. The lock-down put many accounting systems to the test, forcing everyone from individual practitioners to larger firms to operate continually outside of the office.

Firms that migrated to the cloud prior to the lock-down are doing well. Their client data secured in a data center and their applications on a cloud network ready to use. The Accounting industry has been discussing the impacts that would occur as a result of the cloud. Now, it’s no longer a theoretical discussion.

Experts predict cloud accounting to be a permanent feature of any CPA firm. Firms that didn’t migrate to the cloud previously might be asking if it’s too late for them. The answer is a definitive no.

Video Conferencing

Firms that use Microsoft 365 might be familiar with Teams. Teams is one of the many video conferencing applications firms are using to communicate while working remotely.  There are also applications like Zoom, Google hang outs, and Skype. These video tools facilitate collaboration and, with the right cloud service provider, can create an effective remote environment.

Financial services experts and CPA’s are discussing the possibly of permanent remote advising. Remote advisory services was always the direction technology was heading in. However, the lock-down that proceeded the COVID-19 pandemic only sped this transition.

These remote services will only be afforded to firms willing to migrate and adopt the virtual tools necessary to perform these roles efficiently.  That means finding a managed services provider with cloud hosting capabilities that are designed to meet your firm’s needs.

Remote Advising Through The Cloud

Remote advising is the future of the financial services industry. Technology was already in the processes of changing the role of CPA’s towards more advisory positions. With software automating much of the compliance work once handled by an accountant or bookkeeper.

James C. Bourke, a CPA an accountancy technology expert, predicts that if CPA’s are not spending on technology solutions that are accessible remotely, they will be revisited.

“Priorities are going to change on technology spending, once we are all back in the office,” he said in a recent podcast.

Adopting a cloud storage system that can handle any project without downtime can help your business succeed with remote work.

Migrating  Your Firm to The Cloud

Can you migrate mission critical applications to the cloud now? Specifically can you migrate Document, tax, engagement, and practice management to the cloud?

According to Bourke, currently, migrating to the cloud will be difficult but CPA’s should do everything they can to prepare themselves for a cloud migration when we return to normalcy.

That requires firms to research the best cloud providers, checking to see if they have the right security and compliance tools to provide your firm with the proper IT support without failing to meet regulation standards.

Technology disruption and the shifting to more advisory services are creating a professional environment where accountants must offer more valued and diverse skill sets.  However, this also means shifting focus to the client’s specific needs and away from other aspects of your practice like software, cyber security and IT services.

Leveraging the Cloud

If you plan on working as a trusted advisor you need to understand the implications of these shifts and what these tools mean for your firm. It’s not only adopting a cloud solution but adopting one that has the services that benefit your firm the most. Migrating to the cloud is like purchasing a car. Just because it has four wheels and an engine doesn’t mean it will be the vehicle you.

There are many types of cloud providers and every cloud provider has different assets, strengths and weaknesses. There are public, private and hybrid cloud. Different cloud companies like Azure have cloud services but require you to pay an extra fee for support services. Nerds Support’s accounting cloud services utilizes software that complies with SOX and FINRA standards for example.

Other cloud providers like AWS are public clouds with thousands of clients. Their service would be less personal and contacting support is difficult.

Cloud Accounting is The Future

A Survey in The New Jersey Society of CPA’s, revealed that 40 percent of participants expected a decrease in revenue as a result of the COVID-19 pandemic. The development of cloud technology and remote services will work to mitigate revenue loss once properly implemented.

The abrupt switch from in-person accounting services to remote focused work was jarring. Firms were unprepared for the demands of a remote work environment. However, now that industries, not just Accounting, have seen the results of a shut-in, firms will work to eliminate this vulnerability by revisiting cloud technologies and focusing on remote tools.

Managed Service Providers expect an increase in demand for public cloud services. Specifically, a an increase in SaaS, industry- focused apps. These include collaboration and other productivity and business continuity tools.

The social shift towards online platforms (VOD, social media platform, and cloud gaming) shift focus towards cloud infrastructure automation/management software.

In other words, cloud environment reliability, optimizing online platforms and the performance of your infrastructure determine the success of your firm in the future. Clients now and in the future will require and request online services.

Make sure your firm stays protected and ready for this new shift.

Accountant working remotely from home accessing QuickBooks on his laptop

QuickBooks Hosting is The Solution For Remote Businesses

QuickBooks Is Perfect For Remote Work

As a result of the Lock-down in 2020, many industries, including financial services, are undergoing massive changes. The focus on executing virtual strategies and remote consulting has transformed the landscape of accounting possibly forever.

That  being said, there is a software tool that streamlines accounting processes and facilitates the transition to more permanently remote operations and that is QuickBooks.

QuickBooks is considered one of the most powerful accounting software for businesses across industries. Saving money, time and effort it introduces features that help track and report company finances.

Here are 9 Reasons why QuickBooks Hosting is Right for Your Business

1. Saving Time

Save time on bookkeeping and paperwork because many of simple bookkeeping tasks are handled automatically making it easier to run your business.

Bookkeeping paperwork has always been a hassle but with the emergence of remote advising, filing, sending and managing the appropriate documentation is more difficult and time consuming. QuickBooks automates simple bookkeeping tasks that would otherwise make running your business remotely more challenging.

2. Reports and Data are Easy to Access

Generate reports with the information you need, so you always know where your business stands. You instantly know whether you’re making money and whether your business is healthy.

You can generate reports that would require gathering resources and information not readily on hand. QuickBooks software contains assets that let you know where your business is in terms of finance. You’ll find information that tells you how much money your business is making and organize your financial strategy.

3. Cost Efficiency

Remote working could be seen as an opportunity to cut costs, or at the very least, reallocate resources. QuickBooks is an affordable application that runs at scale. Whether it’s a $6 million or a $46 million business, you can use this tool for a few hundred dollars. Achieving the most for the least.

4. Promotes Business Growth while Staying Complaint

Growth Is imperative and working remotely doesn’t change that. QuickBooks gives you the right tools and data to use when designing a business plan. Maybe you want to secure a small loan or open a credit line for your small business. You’re able to create a balance sheet, statements of profits and losses, and cash flow charts, all of which follow theU.S. Small Business Administration’s compliance guidelines.

5. Customization and Scalability

As I alluded to above, QuickBooks is designed for scalability. The tool is flexible enough to work for a large variety of small businesses across multiple industries. Furthermore, it has custom accounting packages for CPA’s, Health Care professionals, Retailers and more.

6. Broad Range of Tools for Almost Every Business

QuickBooks is expanding their services and plans to get to over ten million users by the decades end. There are currently 2.55 million subscribers to QuickBooks. Those are 2.55 million customers that leverage the tools and features QuickBooks offers to improve their businesses.

7. Automated Backups

QuickBooks hosted solutions has an automated backup service. This keeps important financial data safe. Partnered with the right cloud provider, data is guaranteed to stay secure and accessible.

8. Invoicing is Easier

Working remotely forces you to work with the digital tools you have in hand. When processing payments through QuickBooks, all that’s required is a simple email transaction. E-mail a statement or invoice, you’re able to process payments with credit card or bank account transfers digitally and in one central hub.

9. No additional hardware or Software Needed

Remote work is requiring businesses to restructure how they accept payment. Your clients will have to complete transactions digitally rather than in person and QuickBooks Merchant Account Services integrates with software to retain client data. In other words, returning clients won’t have to input the same information more than once. Card Scanning machines, or payment squares ineffective in a remote setting. QuickBooks allows for remote operations to continue without issue.

I.T. Doesn’t Stop There…

QuickBooks is an invaluable resource for a business looking to thrive in a remote environment. If you want a solution that protects your business infrastructure and Computer devices, I recommend looking for a Managed services provider that has QuickBooks integration. Nerds Support is a QuickBooks hosting partner and includes QuickBooks with all its other IT services and cyber-protection software.

Finding a managed IT provider that comes with QuickBooks hosting will save your business even more money. Instead of having QuickBooks separate from your IT and cyber security needs, you’ll have everything set up in one place. And with the amount of phishing and cyber attacks targeting remote businesses it’s a good idea to focus on your IT infrastructure as well.

Cyber criminal breaching federal emergency loan site for access to money.

8,000 Emergency Loan Applicants Affected by Data Breach

The SBA Was Breached

8,000 small business owners who applied for loans from the Small Business Administration potentially had their personal information exposed last month, admits the agency.

The Economic Injury Disaster Loan program (EIDL) offers up to $10,000 to owners currently struggling with their businesses due to the COVID-19 pandemic.

Who Is Affected?

The breach affects people who applied for the EIDL. Traditionally, it was used to aid owner whose businesses were impacted by tornadoes, hurricanes and other natural disasters. Congress expanded it in the $2.2 trillion CARES Act.

Notification letters were sent to 7,913 applicants possibly impacted by the breach and then the letters were posted online. The letters revealed that personal data could have been exposed to other applicants. This data included phone numbers, addresses, dates of birth, income and financial information, and social security numbers.

What’s In the Loan Program?

The Economic Injury Disaster Loan program (EIDL) offers up to $10,000 to owners currently struggling with their businesses due to the novel coronavirus pandemic.

A Trump administration official described the issue to CNBC saying that an error occurred when some owners would hit the back button on a page they would see the information of someone else’s businesses rather than their own.

How Did The SBA Find Out?

According to reports by the Washington Post, the SBA was initially silent on the duration of the breach or about details of its discovery. Businesses that may have been affected were notified by the SBA and offered one free year of credit monitoring.

The Agency said it discovered the vulnerability on March 25 and notified those affected with letters. A copy of the letter was posted by a victim after the breach. The letter itself mentioned that there is no sign of data misuse as of last week.

What’s The SBA’s Track Record?

Business owners have had issues with the disaster loan website before. The site was taken down for maintenance for several hours on March 16, and owners could not apply during that time. On March 29, the SBA revised its application process for the disaster loans and owners had to reapply. Many learned days or weeks later that they needed to reapply.

Business owners experienced issues with the loan website previously. In fact, the site was taken down for maintenance for hours on March 16. This meant owners couldn’t apply for a loan in that time. About two weeks later on March 29, the SBA updated the application process for the loans and owners were required to reapply.

How Much Money Was Allocated?

As of April 19, SBA had approved almost 27,000 EIDL loans valued at $5.6 billion. Another 755,000 businesses received EIDL grants worth a total of $3.3 billion. The Trump administration official told CNBC that 4 million business owners had applied for assistance worth $383 billion—far more than the $17 billion allocated for the program.

Even before the breach the agency website was strained by a flood of applications for the loan that overburdened funding, keeping businesses waiting for weeks to receive money.

Before the COVID-19 crisis small businesses should have been eligible for up to $2 million in disaster loans. Unfortunately, because millions of companies are now seeking assistance,  the SBA had to limit the loans to the previously mentioned $10,000

What are the Risks Now That There Was a Breach?

That being said, the SBA approved nearly 27,000 EIDL loans since April 19. However, the breach raises a problem for anyone looking to exploit personal information on the website for social engineering scams. IBM Securities published research revealing it had seen a 6000% increase in email campaigns impersonating the SMB.

For more information on cyber security, cloud, remote work and more, visit Nerds Support’s blog.

 

FINRA updates with a cybersecurity alert COVID-19

FINRA Announces Security Measures for Financial Firms

Like other businesses, firms have taken measures to mitigate COVID-19 related risks. These include,  employees and associates working remotely or video conferencing to maintain efficiency while social distancing policies are in place.

Although focusing on the health of members and associate is important, it is also imperative to be aware of the cyber security vulnerabilities that are manifesting as well.

As workers accustom themselves to remote processes, financial firms should take steps to protect themselves and their clients from an influx cyber-attacks on home networks.

FINRA Alert

In March 2020 FINRA released a notice that firms should take appropriate measures to protect client information on business and home networks as well as mobile devices and tablets.

Cyber Attacks On The Rise

Cyber attacks related to financial relief checks went up in the last few weeks, while hackers continue to target vulnerable individuals.

Cyber security firm Check Point reported an average of 14,000 coronavirus-related cyberattacks per day in the past week, six times the average daily attacks in the second half of March. Additionally, this recorded number shot up to 20,000 daily attacks since April 7.

Coronavirus (COVID-19) related scams are growing exponentially as job loss, social distancing and unsecure home networks provide the conditions for hackers. Phishing scams, investment fraud, and fraudulent CDC emails are just a few ways cyber attackers are leveraging the virus.

According to a recent article by The Hill, the FBI saw a spike in reported cyber crimes on its Internet Crime Complaint Center (IC3), as hackers and cyber criminals take advantage of Americans’ move towards primarily online activity.

Home and Office Networks

Establish a secure connection when accessing your firm’s work environment. This can be done by setting up a VPN Virtual (Private Network) or partnering up with a Managed Services Company that can secure your network.

When using a Wi-Fi connection, secure it with security measures like WPA2 or HTTP strict transport security. These measures prevent hackers from accessing your network or infiltrate your site with man-in-the middle cyber-attacks.

Update software and patches regularly. Cloud security and compliance platforms like Workplace, which is used and integrated by Nerds Support as well, automatically run a diagnostics on potential security vulnerabilities on work devices.

Make changes to the user names and passwords of home Wi-Fi routers if they use default user names and passwords.

Always lock your screen when leaving your devices. Whether you are in a shared work environment or alone, it is never a good idea to leave your devices open when unattended and out of sight.

File and back-up your data frequently. For example, Nerds Support backs up all of our client data and store it in an offsite data center that can be accessed through our cloud network. This means that data can never be lost and guarantees all personally identifiable information (PPII) is safe and accessible by the firm.

Common Attacks

Although we’ve gone over COVID-19 related cyber attacks in another blog, we’ll briefly review them here.

Common COVID-19 Cyber Attacks include phishing & vishing scams offering false information or asking for personal information.

Continuity Planning

Understand your firms policies and establish a business continuity plan. In the event of a security breach, an outage, a stolen or lost device, or phishing attack, what steps is your firm taking to remediate the issues?

Contact Information

When using a video conferencing app or service, ensure the appropriate security measures are included in their policies.

Develop a structure for access to sensitive data and systems.

Provide staff with all the necessary contact information. Establish a plan for communication (where and how). Are you communicating through a VoIP system or Video conferencing application?

Assess and Verify

Do not hesitate to alert your IT department or team when confronted with any of the issues we’ve discussed. It is not uncommon for remote workers to overlook these points. Keep constant communication with everyone in your IT team to ensure all protocols are being followed and your systems remain aligned within regulation standards.

If you want a free IT Assessment to verify your systems are secure you can always contact us.

Now is the perfect time to assess your technology. Check if your existing IT is up to standard or consider c0-managed services to strengthen your IT capabilities.

Do you know if the computer you use to access client data is safe? Don’t compromise your firm by leaving security vulnerabilities unchecked.