What is a Managed Service?
Dan: It's 8:30. That means it's time for the world-famous Bit-Wizards Tip of the Wand Show. Good morning. This time we have two different folks. Usually, well most of the time I would say Vince and Sam are with us, but this morning say good morning to Jason and Jennifer. J and J, good morning.
Jason: Good morning.
Jennifer: Good morning Dan.
Dan: I hope you two are doing wonderful. Of course you are. You're always doing wonderful. Every time I talk with you guys everybody is upbeat and happy and things are going well. I take it both of you are nice and healthy? You haven't contracted the virus or anything?
Jennifer: No. You know what Dan? It's a magical day.
Jason: It is a magical day, and we've got coffee to prove it.
Jennifer: A lot of it.
Dan: Okay. So what have you guys been putting in your coffee? Well, we won't go into that. We won't go into that at all. So, let's see, where's Vince and Sam at? Did they take off on you?
Jason: They are... I know Vince is at his... No, I don't know where Vince is. I know where Sam is. Sam is at his peer group. I'm not sure where Vince is. He's probably globetrotting right now, talking to clients.
Dan: Yeah. He's probably out having a little bit of free time.
Jennifer: He's solving all the world's problems.
Dan: Solving all the world's problems? Yeah, we have a lot of them too, so good luck to him, huh? All right guys, let's get into this.
Announcer: Bit-Wizards Bits and Bytes.
Jennifer: All right. Today's Bits and Bytes we are talking about cybersecurity on the rise amidst COVID-19. Many of us, Dan... You know, we're trying to get back to business and we are trying to bring some sort of normalcy back to our lives, but there are bad actors out there and right now they're in their element. We're seeing in the news that the cyber criminals are increasing their attacks and taking advantage of the COVID-19 pandemic. Really everyone is a target, but what we're seeing is medical offices and hospitals are getting hit the hardest. According to a national survey completed by the American Medical Association, more than 80% of medical practices have been the victims of cyber attacks and over half reported patient safety concerns from the hack. 20% said that their business has been interrupted for more than five hours, and for medical offices and hospitals that can be the difference between life and death, so that's a pretty big deal.
Dan: With these cyber attacks what are they trying to gain?
Jason: They're looking for low hanging fruit Dan. These medical offices are busy running around trying to save people's lives and they know that they can't do it without their technology intact, so they're just going after that technology because they know that if they hold them ransom they're going to be more likely pay that ransom quickly in order to get back to the business of saving lives.
Dan: So ransomware is a big deal then?
Jason: Yeah. These people are the lowest of low. A lot of people think that these guys are wearing hoods and dark glasses sitting in their mom's basement all day coding, but some of these guys are actually nefarious actors from countries such as... Well, I'm not going to name any countries, but... Well, we'll call North Korea out. These guys are going in 9:00 to 5:00 every morning, working in their offices, high fiving each other every time they get a new ransomware attack in and drinking their coffee. These guys are paid by the government. This is their business.
Dan: I see. Like you said, we're not just going around the individuals that are just kind of goofing around with their computers to see if they could hack into something, these are professionals?
Jennifer: Yeah, they're professionals, and it's their career. Just like Jason and I come into help people with technology, they go in every day and they're eating the birthday cake after the birthday party and they're getting their campaigns running. They probably have quotas, to be perfectly honest.
Dan: My gosh, all these criminals running around doing all this, what can you guys do to help?
Jason: That kind of takes us into our next piece. Do you want to do that or do you want me to jump into it?
Dan: Yeah, we could... Is this going to be a pretty long segment you think?
Jason: It's going to be a little long.
Dan: Okay. Let's do it.
Announcer: Bit-Wizards, what's up our sleeve?
Jason: One of the things that businesses are doing, and it kind of was a gentle thump across the forehead during the COVID quarantine, is increasing their technology and their security. What businesses quickly realized was that they were not prepared for the technological requirement that it's going to take to work remotely.
Dan: Right. You guys have been work with them for quite a while, trying to get everybody... Let's back up a little bit, because your regular clients already had a lot of this done for them. Is that correct?
Jason: Oh, yeah, yeah.
Jennifer: I have to toot our horn a little bit, because when this all started it was not challenging for us to get everybody prepared to work remotely because that's something that we were already prepared to do for ourselves and for our clients.
Jason: Right. It's kind of like the cat that jumps off the roof and jumps onto the wall and bounces off the wall. Like that was no big deal. I mean that was our clients. They brushed it off, moved on, called us, and we had them up and running in a couple hours.
Dan: Got you. But it's the people that are coming to you now, that didn't have this before, that's probably the challenge for them, to get to where your clients are already at, to get these other new clients to that point?
Jason: Right. And as much as we try to make this a quick process... I mean we don't flick the switch and all of a sudden you're secure. There's equipment that comes along with that. There is migrations that happen for email. There are files and files and years and years of information that we have to transfer and secure. That is one of the challenges. People come to us like, " I need to be secure tomorrow." Well, we'll start tomorrow.
Dan: And you'll be secure as we go, but the other... I fully understand what you're saying, because they could have been in business for 10 years and never had any security that they're looking at you for, and now all of a sudden they want it like got to get it done now.
Jason: Absolutely. While we try to accommodate every business that has that requirement, reality is reality. We have to take our time. We do it right. We are very proud of doing it right. With us, as much as I hate it, sometimes slow is fast, because we do it right. We don't have to go in there and fix our problems because we tried to rush something.
Dan: I agree with that. Nobody likes warranty work. That's what we used to call it. I had a dental lab for a number of years. You make the crown right the first time, you don't have to do warranty work, go, " Oh, this margin isn't quite right." So you do it right the first time, it saves you time and saves you money.
Jason: Right. Exactly. This brings us into how businesses are pivoted during COVID-19. As frustrated as I think every single Floridian is, we watch it go up and down, we hear of these mask mandates, we hear, " Oh, wait, never mind. It's not going to happen." " Oh, wait, the local people are going to try to force me to do something that's," well, we're getting political there, " that's not their right to force me to do." Businesses have adapted and have used managed services, and there is a boatload of managed services out there. Really a managed service is any service that a business subscribes to regularly. The service performs a specific task designed to improve communications, operations or efficiency. They're different from your utilities, like Cox and Gulf Power or things like that because they just provide the service. If your internet goes out and it's your home's fault because your power went off, that's your deal, that's your issue. Take care of it. A managed service is going to make sure that if your internet goes out because your power is out they're at least going to run out and put a generator on your modem so you still have internet and then you can pay your power bill.
Dan: Right. Yeah, that makes sense. Because Bit-Wizards managed IT service, you're always constantly monitoring, upgrading and keeping track, and keeping them up and running all the time with the newest and latest and greatest. I see what you're saying. With the electricity, they come, they flip it on and they walk away. You are not like that. You're monitoring and maintaining everything for them so that they can do their business because you manage their technology for them.
Jennifer: That's right. A big part of that is also communication. If your internet provider is going to bring the internet down for scheduled maintenance they don't always communicate that that's going to happen, and so right in the middle of... If you're working from home that's going to be a huge problem, but any time we have to make any changes or if there is going to be downtime it's always scheduled, because communication is very important to us. We can never over-communicate when it comes to taking care of our clients.
Dan: Yeah, I think that's what we lack a lot in the business world, is sometimes communication. So you providing that information to your clients... And I'm sure if you do an upgrade it's going to be like 3:00 in the morning so that it doesn't interrupt their business day, depending on the business that they're in. So being upgraded, always having the latest and greatest on your software, keeps them in business and keeps them safe and secure. But getting back to this ransomware business, is there anything in your managed IT service that you do for your clients that helps them not get caught up in this ransomware? Is there anything that can be done?
Jason: Absolutely. We educate, educate, educate. If you don't know what that link is or if you don't know who that person is that sent you that email don't click on it. Our clients will give us a call and say, " Hey, look, we're looking at this email and it just doesn't look right, but it might be something we need." We actually have what's called a virtual sandbox. It's this PC in the sky that we can log into, drag that email over or that attachment over, and actually open that thing up, see what's going on, see what that file is, and go, " Oh, wait, that's actually something that you need, here you go," or, " No, that's something that should-
Jennifer: That's ransomware.
Jason: Yeah, "That's really ransomware." We also make sure that our backups are backed up, that we're constantly backing up our data, your data, the workspace and things like that. The reason that we tout our backups a little bit more than just going to an online service like Carbonite or Goggle Drive is because a backup is not a backup until it's actually been tested, until it's been restored. So you may have the data somewhere, but until someone actually goes in there and says, " Wait, that data is good," that backup is just vapor at that point.
Dan: I got you. I guess is there still a lot of backup going on with like the cloud and hard drives and all of that?
Jason: Well, the cloud is the future... Well, it's the present. Let's be honest. We still have some clients that like to keep their backups on a external hard drive. But, again, those things are mechanical. They have a lifespan, so eventually they will fail.
Dan: I believe one of the guys was saying about the cloud... Like for example with Microsoft there's all these different servers I guess that stores all this information, and if one server starts to go out they can just pull out one server and put another server in. So I guess what I'm saying is that's always up, it's always running, and your information is stored and secure.
Jason: That is correct, and it's replicated as well. If Microsoft's data center has a hard drive that goes out and it just happens to be the hard drive that has all your documents, well you're still not going to lose your documents. They've got that backed up. It's a backup of a backup of a backup. That's what you're paying Microsoft for.
Dan: That's pretty good. How many types of businesses are you working with on this?
Jason: Every single one of our businesses has this, our clients.
Dan: So you work with medical obvious, because you're working with the medical folks, and I'm sure you're working with restaurants and all different sorts of offices around the area, the community. You can help all different kinds, just not medical or just not a restaurant. Pretty much every small business in the area could benefit from this?
Jennifer: Even larger businesses. One of our clients is the South Walton Fire District. They have absolutely critical infrastructure. If their 999 system goes down... It can't, it absolutely can't. So we have big clients and important clients like that, and then we have single accountants working out of their home, and they're just as important as the South Walton Fire District. We've got attorneys, insurance agencies. We've got a vet clinic. We got to keep the puppies and kittens alive, right?
Dan: Of course. We've got to take care of the little furry ones.
Jason: Absolutely. Some of our clients, Dan... Most of our clients are people that have a vested interest in their data. One of the things we say to some of our newer clients or people that are thinking about it that say to us, " Well, no one really cares about my data," how much is your data worth to you is really what the cyber criminals are asking themselves. People don't really think about the cost of a hack. Let's take an insurance agent, for example. Let's say the insurance agent has a hack. They're required by some of their compliance measures and their underwriting agencies to alert every single one of their clients that a hack has occurred, and that has to be done by certified mail. So how long and how much time are you going to waste sitting there printing off thousands and thousands of letters and then paying for a certified letter to each one of your clients to let them know that you've been hacked and that their information is at risk? At the same time, imagine the reputation hit that you're going to take in that business.
Jennifer: Yeah, because by law it has to be communicated.
Jason: It has to be communicated, and then you might be on the hook to pay for identity theft protection for that individual. Look at what happened to Experian. I don't know if I've ever gotten my link to get my free identity theft, but all of our information was leaked.
Dan: Yes, big hack. The VA even got hacked. I remember... You know, I'm a vet and I remember the VA got hacked and I got a letter saying, " You know what? Your information may have been stolen." You know that makes you feel real good. It's like okay, so what's next? Identity theft?
Dan: And when you have a... I don't have a choice in that, but if you've got a choice, like you said, for insurance agents or attorneys or even if you go to the doctor and your stuff gets hacked, you always have the option to go someplace else. So you're right. That could hurt a business even more than just the certified mail. It could hurt the business as far as people not trusting them anymore.
Jason: Correct. You are absolutely right. One of our other things that we do is we help the schools out. We help some schools in the local area keeping their students safe. They're now virtual. They're now doing classrooms online, and the last thing we need is some goofball jumping into one of those classrooms and making a mockery of it, or even worse, and we've seen worse.
Dan: Yeah. Well they're young minds and young kids, and you just never know what some, I don't know, some perpetrator if you will, would do with young children. So absolutely that's all got to stay safe. I don't know how much of a jump it was from making some kids... Some kids I think already had the ability to work from home if they were sick or something, but now to make all the schools... They had to go virtually basically, do all their school work from home, because I know they were given laptops or iPads or whatever it was, but they all had to work from home, so that would be I would think monumental, because so many people could hack into that.
Jason: It certainly is. It is a cat and mouse game. I know you've heard us say that term multiple times before, where a new zero day exploit comes out and we've got to plug that first because... I'm not sure if you remember what a zero day exploit is, or let's say when Windows discovers that's a vulnerability and they put out a release to fix that. Well, they're also alerting every single hacker out there that says, " Hey, look, this is a vulnerability." So we've got to make sure we're on our toes when that vulnerability is released from Microsoft to make sure that we plug that hole as quick as possible, which is one of the other security pieces that we do very well. We are constantly monitoring those technical releases to make sure that every hole that we know about, that Microsoft knows about, is plugged.
Dan: That's probably like your updates that you get for your Windows 10 now?
Jason: Absolutely. Do your updates, Dan. Come on, are you on Windows 10 or are you still running that XP machine?
Dan: I have to say that I still have Windows 7 and I know it's not supported anymore and I keep worrying about that, because you guys have told me, " They're not supporting Windows 7, and as soon as a hacker finds a hole in Windows 7 they're going to be coming after you," do I do have another machine with Windows 10 now.
Jennifer: You need to have a conversation with your IT guy.
Dan: I'm having one right now with you guys. That is kind of a scary thought, and for me what I use that one for is just personal stuff, and you know what? If that one went down it wouldn't break my heart. I would be able to get that back. Not for my business though. My business is all on Windows 10, and you guys set it up for me. Sam set it up for me, so I feel completely comfortable with that. I got Office 365 on it and the cloud. I'm on CloudNine, so I don't have to worry about my stuff getting stolen now, so that makes me feel better.
Jennifer: You're literally on CloudNine.
Dan: I am. I'm on CloudNine. I don't have to worry about it. I did before though. I was pretty concerned before, because I have a DJ business and a wedding business more or less, so I have clients ' information in there and all my upcoming weddings and all my upcoming information. All that stuff is in there. If that would of vaporized I would be stuck, so having all that backed up is great stuff.
Jennifer: Yeah. We do have a shameless plug for Bit-Wizards. We are the experts in the field of remote working and cybersecurity. If your business is trying to adjust to a new remote working environment, or if your business threw together a quick solution and now you're regretting that decision, Bit-Wizards is here to help.
Dan: Yes. You know, with-
Jason: And we-
Dan: Go ahead. Go ahead.
Jason: I was going to say we've seen that too. We've seen, " Oh, I bought this and I bought that and I pieced this together. Please help."
Dan: Oh, yeah, please help. It's not working out like I thought it would. We've talked about this so many times, that people are experts in their field. As far as whatever job they're doing, they do their job fantastic. You're an expert in the field that creates an environment for them to have a safe IT environment, managed, up-to-date, and basically I won't say foolproof or fail proof, because there's always a problem. Instead of somebody who's maybe a good doctor or insurance agent... Instead of them trying to figure out how in the heck they're going to do something with their IT, with their computer, or they haven't upgraded it or something breaks, why not have an expert in that field take care of it? That's what you guys are, by managing IT so other people can be an expert in their job. That frees them up from having to mess with all of this because you're the expert in that position, so why not let the experts handle it?
Jennifer: Yeah, for sure. I agree completely.
Dan: You should.
Jason: All right. Let's go to the spell book.
Dan: Yeah, let's go to it.
Jennifer: Let's open up our spell book.
Announcer: ... from the spell book.
Dan: It is a spell book. Come out with a spell.
Jennifer: Yeah. So this is the segment where we demystify some technical geek speak each week and we discuss a little technological factoid. Today's term, which is actually going to be an acronym, is NGSW, which stands for next generation firewall. You've heard of us speak of firewalls many times on the show, but the term firewall is something that is used loosely in the tech industry. The term next generation firewall was coined to set as kind of the standard of true business grade firewall and set it apart from something that you can purchase at just any retail store. If you're wondering if your business has a NGSW, next generation firewall, ask yourself where you bought it from. Typically if you bought it from the local stores it is probably not next generation, but the enterprise grade firewalls certainly are. We utilize Fortinet. That is our preferred firewall. The next generation firewalls are one of the single biggest security upgrades that a business can have. It's not as easy as just purchasing and plugging it in and just expecting it to work. It doesn't work that way. You really need somebody who knows what is needed to configure it, to set the correct policies and to set the correct routing, typically from a network engineer. Luckily, at Bit-Wizards we do have the necessary expertise for these next generation firewalls.
Dan: So for these next generation firewalls, what's the advantage of those over the old firewalls?
Jason: The old firewalls... And the real reason why this is such a big piece for us, some of the older or even the newer wireless routers that you can pick up at a big box store have some sort of firewall in them. Then you also have a firewall built into your Windows 10 devices, but it's a software firewall. It does not protect your network. It just protects that computer. The biggest advantage of it is actually active monitoring and active defense. With a professional service like Bit-Wizards, or even if you're managing it yourself and you know what you're doing, if you start to see with a next generation firewall somebody attacking or trying to get into a specific port in your network... Think of a port like a door, and someone keep knocking at that door, knocking at that door, knocking at the door, ringing the doorbell. Eventually you're going to... Either they're going to knock it down or you're going to answer it and go, " What do you want?" Well, it puts a peephole. It allows you to have a peephole in that door to see who's actually knocking on it. When we run our diagnostics before we start our network analysis, before we start putting in these next generation firewalls, we can see IP addresses from across the world in some of our not so friendly countries out there actually accessing people's networks here locally, and we stop that with these next generation firewalls. A basic firewall that you can buy over at Walmart or Best Buy is just not going to give you that protection. It's going to make sure somebody doesn't get into your network through wifi if you've got it set up correctly, but it's just a very loose term at that point.
Dan: I see. So these firewalls are definitely not your next generation firewalls? I guess they do some good, but they don't keep everything out?
Jason: For a business, Dan, it is a terrible idea if you have any private information, documentation, data, client data, patient data, or anything. If you do not have a firewall, you're actually doing yourself and your clients a disservice.
Dan: Things are kind of hanging out there, like you were talking about earlier, the low hanging fruit I suppose when you have one of the older firewalls?
Jason: Right. Those older firewalls are vulnerable to hacks just like a Windows 7 machine might be that has not been plugged. So if Cisco put out a retail firewall eight years ago and that's what you're using today and you've never take the time to upgrade it and make sure that firmware is up to date, there are holes all in that. You can go and do a simple Google search, how to break through an old router, an old firewall.
Dan: Oh, gosh, that's great. Everybody go to YouTube and figure out how to break into your firewall.
Dan: So, Jason, you usually have somebody that you like to plug, one of your businesses. Either Jason or Jennifer, whichever one would like to do that, now would be the time to do that, say thank you to one of your clients.
Jennifer: Yes sir. We do want to send a big shout out to one of our newest clients, TAMP Advisory Solutions in Destin, Florida. TAMP provides advisors and investors professional financial services. Obviously they are now more secure with our backing them up, and we want to say thank you to Darlene and John, Amy and Stephanie, and you guys keep up the great work.
Dan: And you guys keep up the great work, because apparently you're keeping everybody safe. I haven't heard any bad words about you guys ever, always good stuff about Bit-Wizards. We're just about out of time, so Jason and Jennifer thank you so much for coming on and telling us more information, and now I know a little bit more about firewalls and so does everybody else. They keep us all safe. Thank you very much for taking the time to talk with us about that this morning.