The title

Category: Information Technology

What is your business risk from broadband outage?

Cybercrime has been in the news extensively and we have commented on the threats posed by Ransomware and DDoS attacks. However recent events here in Singapore have highlighted another often ignored and very real threat to SME businesses – what happens when your broadband service provider experiences a major outage?

Singapore telco Singtel experienced an islandwide outage of its fibre broadband service for nearly 24 hours over the weekend.

This follows on closely from two recent broadband service outages that hit Singapore based service provider StarHub and that have been attributed to “intentional and likely malicious attacks” on its servers.

Over the past few months broadband outages have been reported from BT in the UK, Deutsche Telekom in Germany, and Australian telco Telstra which has experienced 7 major outages in recent months!


Why does this matter?

Well aside from the inconvenience to millions of consumers denied access to their favourite content on the internet it can have a devastating impact on businesses.

To put it bluntly you need your network to run your business. In these challenging and competitive times, few businesses can afford a single location to go off-line, and definitely not the HQ or the data centre!

If you experience a broadband outage, your network goes down, and your business is impacted – but by how much?

The reality is that most SME business owners don’t know the answer to that question… until the network goes down!

Above and beyond the immediate direct costs, there are indirect costs:

  1. Loss of employee productivity
  2. Reputational damage with customers, suppliers and banks
  3. Loss of current revenue, loss of future revenue, and in some cases compensatory payments

Short broadband network outages can be an expensive nuisance, but the impact of larger outages can be devastatingly insurmountable for some businesses.


How can I protect my business?

  1. You can reduce your exposure by having a secondary broadband provider. By having a second internet connection, the internet activity can be load balanced over the two lines with an automatic switch-over in the event of a network issue.
  2. If you are the business owner of  an Internet-dependent SME you may want  to avoid a dangerous over-reliance on fixed networking solutions by having either a Wireless 3G/4G enabled router, or satellite-based solution for additional backup.

The first step is a thorough risk assessment

Clearly there are costs to either or both of these solutions. And the temptation is to ignore the issue.

But there are costs to doing nothing, and you will only discover the full extent of that cost when you experience a broadband network outage.

The prudent approach is to conduct a thorough risk assessment followed by a cost-benefit analysis.

If you would like to discuss this issue and what it means for your business, please get in touch and we will facilitate a thorough review to help you gain clarity, we will  inform you on your best options, and if required we will implement a solution for you.

Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

 

 

 

Why The Man With The Van Is Redundant

It is an inescapable reality that most businesses rely heavily on technology, and of the many challenges facing the small business owner many of these relate to IT – issues such as “Who manages your IT?  and How do you deal with IT support and maintenance?

A multi-national corporation with over 1,000 employees has the budget to hire its own IT team. But what about smaller companies? The ongoing problem for the small business owner is how to get effective, cost-efficient support for their technology platform. Many treat IT support and maintenance in the same way as dealing with car maintenance – for example: a printer isn’t working/a tire is flat so call the IT support guy/garage.

The “man with the van” may provide a solution to the immediate problem, but that is ALL he does because his service is reactive.

If your business is reliant on IT please consider the following critical questions:


[1] How long can your business survive without key data?

 

How long would your business last if you experienced a hard drive failure? Imagine losing important customer files and trying to explain to your clients how this happened. If your immediate response to this question is to say: “But we back up our data regularly!” –  sure you may have a back up strategy but do you regularly test your strategy to ensure that you are 100% sure you are able to recover your data in the event of a major disaster or loss.

Statistics show that 60% of backups are incomplete, and 50% of restores failed.


[2] How do you protect the “crown jewels” of your business?

 

How do you protect commercially sensitive data? How do you protect client data held on your computers?

Do you realise that every third party who has access to your IT systems potentially has access to all of your secrets?

What level of security assessment do you undertake on any third-party you bring into your company to undertake IT support and maintenance?


[3] Are you maximising your ROI in your IT assets?

 

  1. Are your computers up-to-date for necessary patches, security issues and updates?
  2. Do you know the exact the locations, counts and disposition of all of your IT assets?
  3. How do you know which of your hardware and software needs updating, upgrading or replacing?
  4. Are you over-licensed on software and thus wasting money?
  5. How do you know that you are getting your money’s worth from independent consultants and vendors?

The Solution

 

The fundamental issue with the traditional “man with the van” approach to IT support and maintenance is that it is reactive.

The solution is to employ an approach and a methodology that anticipates potential problems BEFORE they become an issue and that implements an automated solution in the background.

This solution is provided by partnering with an IT management and support service who provide a Remote Management and Monitoring [RMM] service incorporating a proprietary technology that:

  • Detects problems and identifies potential hazards before they ever impact your company.
  • Provides 24/7 real-time systems status monitoring updates every five minutes.
  • Provides continual updates regarding the state of hardware and software, including logs, performance metrics, patches, antivirus and more.
  • Is continually watching for unusual events, and many of these have fully automated responses.

This proactive solution is the complete reverse of the usual approach of acting AFTER a problem occurs.

This results in a significant increase in productivity, as problems are rectified in the background, without interrupting users, and before they escalate and become a major issue.

Whilst the technology that provides this service is complex and sophisticated, the connection of your business to this service is incredibly simple involving no more than 3 clicks of a mouse!

PASR Technologies provide this service and we would be delighted to speak with you to understand  your issues and to explain more about how your business could benefit from this solution.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

 


The True Cost Of “One-Off” IT Support

To many small business owners it may seem perfectly logical to bring in an IT support specialist as and when you have an identified need. But the reality is that the one-off approach to IT support issues leaves many holes and doubts and it can prove expensive.

We work with business owners and senior management of organizations with less that 200 staff providing a one-stop shop for all their IT infrastructure needs. We have been doing since 1996. Over this time we regularly come across the same, repeated concerns facing SME management. Regardless of business sector, the same challenges continue to crop up.  One of the big recurring issues is to do with the cost – the true cost – of one-off IT support.


“We don’t know what we don’t know…”

 

This issue of the true cost of one-off support falls into the “we don’t know what we don’t know” category.

For many owners of small businesses, dealing with IT support and maintenance is  the same as dealing with car maintenance. In other words, it’s OK with the “known knowns” e.g. a printer isn’t working/a tire is flat, BUT how do you deal with the “unknown unknowns”? How do you deal with the problems that I don’t know about, like security, malware protection, data leakage?


A lack of consistency leads to cost in-efficiency

 

Over reliance on “one-off” support can expensive. Here is a typical scenario:  You have a problem, for example User A can’t print, so you get external technical support to come in and fix it. They update the printer software and get User A printing and leave. BUT, the very next day, Users B & C can’t print either, so you call the IT support people back in again for yet another fix ….AND yet another fee!

The business impact of your over-reliance on one-off support means that you do not have the consistency and cost efficiency of a centralised and holistic approach that would instead install printers centrally, and roll out appropriate changes and updates to all users via a centralised policy.

Two further examples of how the small business owner’s lack of knowledge is a big exposure for the business:

[1] You bring in external IT support to solve a problem and yet they break other components…and you have know way of knowing.

[2] You can’t determine whether quotes to repair/upgrade are valid, realistic and appropriate.


If you would like to discuss this issue and what it means for your business, please get in touch. Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

The Black Art of SPAM Prevention

Most organisations today categorise email as mission-critical to their business, and so the ability to reliably send and receive emails receives a lot of attention from us. However, as we are all aware, the amount of junk mail – ‘SPAM’ – received is a continuing annoyance.

A quick check of our servers shows that over the past three months, a massive 53% (of nearly 1/2 million emails) of all emails received were suspect. Now obviously it would be great if we could simply block such messages, but detection of SPAM is more a black art than a defined science, and so SPAM filters must be continually adjusted and refined to ensure all real/valid emails get through (zero false-positives) while all SPAM is blocked. We could simply turn off SPAM filters, but generally this would result in 50% extra emails reaching each users’ inbox – a situation no user wants to contemplate.


Breakdown of the 53% Suspect Emails

 

Breaking down the above 53% shows that:

  • 2% of all emails contain malware – Viruses, Trojans etc – we definitely do not want these passed through.
  • 31% of all emails are from known spammers  – we want these blocked automatically, but as some users want to see some of these, we need to provide a mechanism whereby they can be retrieved.
  • 20% of all emails are where we have to be somewhat creative and apply our black-art talents to separating the wheat from the chaff, and it’s this 20% that seems to cause the most questions and mis-deliveries.

How to determine the validity of incoming email?

 

So what ‘black arts’ do we employ to determine the validity of this 20% (90,000) of messages? Essentially, each and every message is tested and given a Spam Confidence Level (SCL) score, and when it gets above a defined level, it is tagged as SPAM. Virtually all anti-SPAM solutions – whether in-house, or in-cloud, software-based or appliance-based – employ some or more of the following checks:

  1. Reputation of Sender:
    1. Is the sending server on a blacklist? This occurs when a recipient reports receiving SPAM from a server, and is placed on one or more of the 100+ blacklisting organisations.
    2. Is the sending server properly set up with a fixed address – determined by whether it has a Reverse-DNS (RDNS) entry. (Spammers will use arbitrary/impermanent servers).
    3. Does the sending organisation designate approved sending servers – via the Sender Policy Framework (SPF) stipulated in DNS
  2. Message Content:
    1. Does the message subject or content contain known SPAM-like words – such as ‘Drugs’, ‘Viagra’ and so on.
    2. Does the message contain multiple languages, such as combined English & Chinese?
  3. Message Distribution:
    1. How many recipients is the message sent to? More than a handful generally means the message is more likely to be Unsolicited Commercial Email (UCE).
  4. User Overrides:
    1. Has a given user either black-listed or white-listed a particular address?
    2. has a given user chosen to be more or less aggressive in their application of the above checks?

How to ensure that emails we send get read?

I trust from the above readers can get an idea of the issues we face in categorizing SPAM for delivery, and I trust that readers will also see that it’s very much an imperfect ‘guesstimation’ at best, and there is little as recipients we can do to more accurately qualify messages. But what should we do to ensure that messages we send get the highest possible chance to be delivered?

  • We MUST have adequate malware protection for inbound emails, and ideally also scan outbound emails for malware to ensure we do not compromise our message recipients.
  • We must properly designate and authenticate our outbound servers – via RDNS, SPF – and ensure all mails from our domain are sent only from these servers. This may not be just your corporate email server: – we must also check any other servers that send emails on behalf of our domain: -for example if our website sends emails, then it must also be properly designated and authenticated.
  • We must regularly check that our sending servers have not been blacklisted.
  • If we regularly need to send messages to more than a handful of recipients, we should consider using a third-party service rather than send such ‘mail-blasts’ through our own servers – which reduces the likelihood of getting our servers blacklisted.
  • If we send Unsolicited Commercial Email (UCE) as a Singapore organisation, we must ensure the subject line contains <ADV> and we must provide (and act on) an unscubscribe link – to ensure we comply with legislation, or otherwise face the risk of legal action against us.

If you would like to discuss this issue and what it means for your business, please get in touch. Since inception in 1996, PASR Technologies has been providing SME business owners with a level of service and support to the SME business owner that is typically only directly available in very large organisations.

Servicing businesses from 10 to up to 200 employees, our clients range from local SMEs through to regional offices of larger MNCs, and include airlines.

At PASR Technologies, we solve your IT problems before you even realize you have one!

 

© 2016 PASR Technologies Pte Ltd

Terms & ConditionsPrivacy Policy

Support

Support Hotlines

Email: support@pasr.net

Skype: pasrsupport

  • Singapore

    +65 6340 1018

  • India

    000 800 443 0046

  • Philippines

    1800 1651 0800