The Need for Mobile Device Management

Gone are the days of carrying two phones- one for work and one for personal. Users and employers are finding that it really is possible for employees to use one device for work and personal use. Studies have shown enhanced productivity, streamlined availability and increased user satisfaction. On the employer side, benefits include reduced equipment cost and a potential decreased IT staff burden (since the employee maintains their own equipment).

But how do you balance the benefits and risks of managing mobile devices? A whole slew of questions presents itself when a adopting a device strategy.

  • What if a phone, with company information, is stolen or lost?
  • How is the company is protected from mobile-borne threats?
  • How will these devices impact our wireless network?
  • What devices can be supported?  What if users change their phones or tablets?

And don’t get us started on security… Most experts agree that tablets and smartphones are arguably less secure than traditional computers, as they lack pre-installed malware protection. Most users or employers are on their own to search for and install mobile endpoint security management. This vulnerability has not escaped the attention of hackers, who unleash creative new threats like SMS text messaged-based attacks on a daily basis. This newer area of cybercrime includes more sophisticated Trojans, keyloggers, phishing attacks and malicious apps.

So how do you get your employees to become comfortable with the balance between the employer needing control and the end user desire for freedom? This needs an approach for both corporate owned devices with allowed personal use OR personal owned devices with allowed corporate use. Many analysts say the best practice is for employers to control only the functions that are essential to protect the company and empower end users with the freedom to use the device for wider business and personal tasks – as long as there is no material impact on corporate resources.

The answer is Mobile Device Management (MDM). MDM allows the employer to manage smartphones and tablets from the cloud, providing a centralized platform to manage all devices, track devices, remotely wipe data, apply browsing policies and more. A MDM solution can provide:

  • Automatic updates
  • Remote configuration and monitoring
  • Compliance reporting
  • Passcode configure for better protection
  • Remote disconnection or disabling of unauthorized devices and applications
  • Scalability, so new users and devices can be added easily

At Datotel we’re helping protect our client’s corporate networks and data through our MDM solution. So whether your team is using their mobile devices to review corporate documents, take photographs of a job sites or simply reading their email; we’d be happy to talk with you further about how our MDM solution may be able to help you.

Posted in BYOD, Mobile, Mobile Device Management, Risk, Security | Tagged , , , | Leave a comment

Why Patch Management is so important

You’ve seen the news and read the articles. The recent ransomeware attack is being called the largest ransomware attack in internet history. But did you now that the damage could have been avoided if those computers had been properly patched?

What is patch management?

“Patches” are upgrades for software applications and technologies that you have on your computers and network devices. A Patch Management strategy is an ongoing plan for managing patches that can help a business or organization handle the changes efficiently.

Why Patch Management is so important

As more devices and operating systems are introduced into your organization, security and endpoint management of desktops, laptops and mobile devices, become increasingly difficult. With every new connection, the need for more sophisticated patch management and lifecycle management takes on added importance. Figuring out how to manage this expansion of devices has become a huge headache and risk for business today.

Datotel offers an Endpoint Management solution that automates the patching process for devices – both on and off your network. Plus, it provides you with at-a-glance visibility into the patching status of your entire IT environment. Our engineers ensure that your Windows and third-party patches are at a secure level. We monitor for available patches, gather and validate patch data and track patch distribution in real-time

Additionally, our Endpoint Management solution includes managed anti-virus, asset tracking and reporting and remote management.

A regularly maintained network means fewer failures, higher productivity, cost savings and enables you to focus on your core business activities, instead of managing devices and problems. Here is a link to a recent article from a Washington University cybersecurity expert: Preventing WannaCry, other ransomware attacks. I encourage you to make sure your machines are updated and protected. If you would like to learn more about Datotel’s Endpoint Solution, please let us know.

First Name (required)
Last Name (required)
Email (required)
Phone Number
Address
Company
Title
Posted in Endpoint Management, Hardware, Patching, Risk, Security | Tagged , , , , | Leave a comment

Protect your business from ransomware

It seems like everywhere I go this week people are talking about “the worm”. From my Dentist to baseball practice, everyone wants to know how to be protected. If you’ve been out of the loop, last Friday, May 12, unknown hackers carried out one of the biggest cyberattacks to date, spreading of the worm dubbed WannaCry, a “ransomware” that locked up more than 200,000 computers in more than 150 countries. This attack, spread via email, was allegedly stolen from the National Security Agency and it only affects Microsoft Windows systems. Once WannaCry enters a PC or Server, it locks all the files. The attack is particularly dangerous for businesses, as it takes just one employee for the attack to spread in the entire network, without any user interaction. The hackers then asked users to pay hundreds of dollars in ransom to unlock their data.

Our best advice… first, stay skeptical of any unknown or unexpected email and attachments. Education for you and your team is the best first step.

Next, make sure your servers and computers all have the latest updates. The good news on this particular ransomware is that Microsoft has provided a security update that provides protection against this potential attack. If you use their free anti-virus software and have Windows Update enabled, you should be protected. However, if your patching is inconsistent or if you have outdated operating systems, you likely have computers that are vulnerable. Microsoft has taken the “highly unusual” step to provide public patches for Windows operating systems that are in custom support only. This includes specific fixes for Windows XP, Windows 8, and Windows Server 2003.

Lastly, make sure you have implemented a data back-up and recovery plan to maintain copies of your data in a separate and secure location. Backup copies of sensitive data should not be readily accessible from local networks. Test your backups regularly to ensure they work correctly upon use.

So what do you do if you already clicked on a suspicious email? If an attack is suspected or detected in its early stages, unplug and shut down the infected computer. The attack is likely going to warn you not to “disconnect from the Internet or turn off the computer – don’t listen! Unplugging your computer may save some of your files. If you suspect that the attack has been downloaded, remove the infected computer from the network immediately and seek assistance.

Luckily, WannaCry was stopped by a security researcher who found the malware connected to a specific domain that wasn’t registered. He bought the domain for $10, and that effectively activated a kill switch and ended the spread of WannaCry. Nevertheless, we may not have seen the end of WannaCry, we’ve already heard rumblings of variants of WannaCry beginning to make the rounds. Stay vigilant, make sure your patches are updated and call for help if you need it!

Posted in Backup, Datavaulting, Risk, Security | Tagged , , , , , , | Leave a comment

The Datotel Risk Assessment Methodology

Risk assessments come in many forms, but the underlying purpose is to identify and document known risks to a given process or system and identify the consequences if that risk were to occur. With the risks both identified and quantified, an organizational response can be developed to either mitigate the risk from materializing in the first place or proactively putting solutions in place to minimize the negative impact should it occur.

At Datotel, we help our clients through this process of collating the known risks that are typically only found in the heads of their employees and distilling them into a documented form. Once documented, it’s much easier for the organization to address the risk and put plans in place to address them in a proactive manner. We focus predominantly on the data, systems and infrastructure itself to ensure security, confidentiality, data integrity, privacy and availability.

The goals of this process is to place the organization in a more proactive position to manage their risks and minimize their financial and reputation loss to the organization. Of course, this isn’t just a once and done exercise, but rather a methodology that produces ongoing deliverables to be executed to upon a given schedule.

For more information on our approach to risk assessments and how to conduct one at your organization, please contact us.

Posted in Company Info, Risk, Security | Tagged , , , | Leave a comment
  • The Need for Mobile Device Management:

    Gone are the days of carrying two phones- one for work and one for personal. Users and employers are finding that it really is possible for employees to use one device for work and personal use. Studies have shown enhanced … Continue reading

    ...more
  • Admin Terms of Use Contact Us