Data Security

Storing Medical Data in the Cloud

Healthcare photo.png

From doctor-patient confidentiality to insurance non-disclosure agreements, we do all we can to ensure our medical data doesn’t fall into the wrong hands—and for some healthcare organizations, this makes the idea of storing such data in the cloud quite alarming. Though the cloud promises to reduce costs and streamline records management, it’s all too often (and wrongly) associated with the specter of cybercrime and other security breaches. Fortunately, it’s much safer than you might think.

A slow revolution

In 2011, only 4% of healthcare providers had moved to the cloud. Adoption rates have since skyrocketed to over 70%. However, it appears that some in the industry are still reluctant to make the leap, and the main concern among detractors appears to be the possibility of a security breach.

However, when it comes to sensitive data, a security breach isn’t the only thing you have to worry about—data might also be lost as the result of a physical event, like a fire or flood. When keeping your data in the cloud, it is being secured by IT professionals at groups like Microsoft and Google, whose only job it to secure your data. In other words, storing data in the cloud might be the safest option available.

Meeting industry standards with HIPAA

The good news is that you no longer have to determine for yourself whether or not a cloud provider is able to protect sensitive medical data. In 2013, the federal government expanded the privacy and security protections established under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) so that they now apply to electronic health records. The act outlines strict procedures for storing such records using data encryption and destruction. It also imposes significant penalties on non-compliant organizations.

From the clinic to the cloud

When a healthcare organization decides to move to the cloud, it should check that its cloud provider is HIPAA compliant. The U.S. Department of Health doesn’t itself authorize any HIPAA certification programs. However, cloud providers can voluntarily undergo an audit that takes into account the HIPPA Audit Protocols. If they pass, you can be confident that they’re capable of storing your data in a safe and secure environment—which means that the prognosis for your organization’s medical records is very good indeed.

Current Technologies is here for all your data storage needs

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Connecting Branch Offices Made Easier

Connecting Offices.png

Branch Offices Shouldn't Be Separate Worlds


Running a business across multiple locations has always had its share of IT challenges. Past approaches consisted of duplicating data between sites or relied on an often-unreliable wide-area network (WAN) links to make remote branches seem like part of the office network. With fast Internet connectivity now widespread, there are more ways than ever to securely connect staff at multiple offices

Extending corporate networks to remote sites has become far easier now that inter-office traffic can be routed across the internet without the need for expensive telecommunications links. With providers across the country improving their broadband services, it’s becoming easier than ever to link branch offices with rapid, secure, and reliable connectivity.

Keeping Your Data Safe

Data security, of course, is paramount when linking offices over the Internet. For this reason, you’ll need to encrypt your inter-office data by setting up a virtual private network (VPN) that creates a "tunnel" through the Internet between your work sites. Such tunnels have been widely and successfully used for years to link sites and to allow mobile users to log into corporate networks while they travel.

However, encrypting data is only one part of the challenge. With large numbers of branch offices in operation, you’ll need to develop and manage a coherent data architecture that controls where data goes, where it is stored, and how it is safely stored.

Previous store-and-forward models would see branch offices—particularly in time-sensitive retail operations—caching data at the remote site and periodically synchronizing it with central databases. Now that businesses are online and always available, data is more effectively transmitted in real time for storage in central transactional databases, which are often duplicated in a second, remote data center for redundancy and disaster recovery.

Cloud Solutions

Increasingly, smaller businesses are turning to cloud services to link up their branch offices in a different way. In this model, data is stored centrally in a cloud service and each branch office uses the same techniques to access it.

This approach lets businesses locate the data in whatever mission-critical data center is appropriate for the task while providing each branch office with the ability to access and collaborate on documents equally. This architecture also allows businesses to provide more consistent access to supporting services like unified communications, video delivery, identity management, security, and more, which are available to all employees at all branches.

With a cloud storage solution set up by Current Technologies, branch offices no longer need to be treated like remote outposts. By tapping into the flexibility and configuration of Internet-based services, it’s now possible to link even remote branch offices more seamlessly than ever before.

Do You Have Issues Connecting Remote Offices?

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Helpful Hackers- They Do Exist

Hacker.png

Business IT systems are complicated, you know that. You've invested in security for your systems, but you're worried that there are still holes in your defense, weak spots between all the bits and pieces that make up your total networking and computing infrastructure. How can you feel confident in your security? You have to welcome a hacker into your midst.

It sounds counter-intuitive, welcoming a hacker (or team of hackers) to come and break into your network and your most sensitive data stores. But that's exactly what pen-testers (short for penetration testers) do—launch non-harmful, sophisticated attacks and probe to see if your network can handle the worst the world has to throw against it. Pen tests are almost always valuable, but to get the most from the exercise there are several things you can do.

1. Turn Them Loose

Too many pen tests are hampered because the client places significant limits on what the pen testers can do. One frequent example involves spear-phishing and social engineering. Will you let the pen testers send email messages to employees trying to tempt them into giving up network credentials or privileged information?

Some companies say they do not want to risk embarrassing employees, so they forego testing the human element of the network. If you do not run these tests, you lose valuable opportunities to see how well corporate training has been put to use by employees. The key is to not single out employees and treat any successful spear-phishing attacks as opportunities for education, not punishment.

2. Define Goals Before You Start

Is the purpose of the test to inform regulatory compliance efforts? Are you trying to see where weaknesses lie before starting a new security purchase cycle? Do you want to give your InfoSec team information before they begin revisions to the corporate security policy? Is this just part of your regular cycle of testing the effectiveness of your security?

Being clear about what you want to achieve from the test, and communicating that information clearly to the pen testing team, will help make sure the pen testers are working with you to be most effective.

3. Do Not Hire Them

Some executives resist pen testing because they worry that the results of the test could become subject to the discovery process in the event of a lawsuit. That is a legitimate concern, but there's a way around it.

Let your law firm hire them. If outside counsel hires them and delivers the report to you, then it is privileged communication and is immune from legal discovery. You get the results, everyone gets protection, and everyone (on your team) is happy.

“Hiring” a team of hackers can be the best thing you do to strengthen your network security. Do your homework on the firm you hire and follow the tips above, and you'll end up with a sound picture of where your security is doing its job—and where you should start immediately patching the holes. Our team at Current Technologies specializes in building state of the art security systems to your specification. If you already know where the holes are from a pen-test, it will be a breeze to have us patch them up for you.

Need Help Passing Your Pen-Test?

Name *
Name

We Value Your Feedback

Was this information helpful?
Was this information helpful?
CurrentTech_Horizontal.jpg

2018-19 School Year Technology Checklist

More School Children Using WiFi.jpg

Making your list for the year ahead


In the ongoing cycle of the educational year, it’s buying season for primary and secondary schools. That means schools and school districts are looking at the technology available for students, faculty, and staff. Then, they’re trying to make decisions that will affect those users for the next three to five years (or more). What are the products that school IT staff should be considering, given the march of technology and the lessons learned in the last few years? Let’s take a look at the issues and technologies for each of the constituents that school IT must consider.

Security

For faculty, the key considerations are security and the ability to work successfully with a wide variety of instructional media. The first of these considerations is obvious because FERPA requires it. Student data must be kept secure. The challenging piece of this is, of course, that the data must also be accessible to faculty and authorized staff at a moments notice.

Look for multi-factor authentication built into hardware and graphics capabilities that make it possible to run virtual desktops. These simply eliminate many of the security issues around sensitive data. When it comes to things like student data, it is wise to talk with professionals. Current Technologies has been working with schools for 20+ years and keeping their data secure.

Wi-Fi

The more technology gets integrated into schools, the more bandwidth schools are going to need. Streaming videos, internet searches and an array of learning applications all require bandwidth. With a slow connection, it could take half of a period just for students to load what they need.

The recently released 802.11ac Wave 2 is providing schools with more than 6Mbps, which is a huge upgrade from 802.11ac. With more students bringing their own devices from home and teachers continually integrating more technology, bandwidth has to grow. 802.11ac Wave 2 has done that and can last long into the future. 

Device mix

Student workstations are changing as school systems revisit desktop and laptop computers.

Tablets will remain relevant, although many schools have found that without comprehensive lesson plans and dedicated support infrastructure, tablets don’t necessarily provide the desired results.

While some schools allow students to bring family-owned tablets, school-provided desktop computers are more rugged, more easily secured, and more capable than tablets.

Mobility

Staff members are among the computer users who are focused on mobility for their systems. Part of this is due to requirements that administrators and specialists take systems home to complete work.

Another consideration is on-campus (or between-campus) mobility to supervise multiple locations or functions within the school. For these employees, convertible systems that combine laptop and tablet functionality are gaining popularity, especially with the addition of FERPA-compliant mobile device management (MDM) software to ensure security.

Networking, device mix, mobility, and security are the primary hardware considerations driving changes in education systems. For educational IT specialists, specifications for these three should be part of any requirements list for this year’s shopping season.

What's On Your Shopping List?

Name *
Name

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

Worried About Defending Your Data From Hackers?

defending data.jpeg

Why the Best Defense Against Viruses Might be Off Site


If you’ve handed over responsibility for your IT to a managed service provider (MSP), the decision probably included the following considerations.

  • They’re experts.
  • It’s cheaper.
  • You don’t need to have as many (or any) IT employees in your office.

It can feel like a huge weight is off your shoulders, but for your MSP to make those things true, it needs tools. One of them is remote monitoring and management (RMM) software. Being able to access and service your systems from their office, not yours, is part of what makes managed service providers so cost effective and it saves everybody time.

What is RMM?

You might have heard of RMM as “network management” or “remote service software.” Whatever you call it, it’s software that lets MSPs remotely monitor client endpoints, networks, and computers.

RMM is particularly important when it comes to your security. With malicious code becoming a faster-moving problem every year, you want every device patched and secured without waiting for a technician to make the rounds.

Enter the Agent

RMM works through a piece of software—called an agent—that is installed by your MSP on workstations, servers, mobile devices, and other endpoints. These bits of software feed information back to the MSP about the machine’s health and status.

With this information, the MSP can see what’s going on in your network. It can target endpoints that need maintenance or updating. It can see where issues are about to happen and act on them without needing to go to your office. That’s less inconvenient for you, and it keeps down the MSP’s costs, which it can pass on to you.

The ability to keep your security up to date is especially beneficial to both parties. When an MSP contract includes support through a security breach, the costs to both the client and the MSP can mount quickly. Both parties have a vested interest in keeping anti-virus software up to date and patching holes before there’s a problem.

Raising Alarms

Your MSP doesn’t need to have someone sitting in front of a screen to keep an eye on your system 24/7. That’s what the agent is for.

When an agent finds a problem, like a virus or other malicious code it creates an alert or opens a ticket that is sent to the MSP so it can take the action that’s needed.

First and Fast

In short, RMM is essential if your MSP is to keep your network secure. It’s going to alert the MSP to issues before they arise, and if something does slip through the net, the MSP will get an early warning to fix it.

Why the Best Off Site Defense Solution is Current Technologies

Current Technologies has been providing businesses in the Chicago land area and beyond with superior IT services for 20 years. Offering companies a hybrid solution of regularly scheduled onsite maintenance visits with a specifically assigned consultant, along with 24/7 remote monitoring and support we can deliver an IT Service framework that is among the best in the industry. Current Technologies uses top of the line Auvik monitoring software to ensure your data is safe as can be. With this level of protection you will be able to rest easy at night knowing your information is secure.

Check out our infrastructure management overview PDF below to see all of the ways Current Technologies can help your business run safer and smoother.

Get Protected Before it's too Late

Name *
Name
We pride ourselves on having the capabilities of a large firm while still providing the personal attention of a small firm
— Phil Hanson, Project & Service Manager- Current Technologies Corporation

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg

10 Essential Steps To Protect Your Data

computer data.jpeg

How Much is Your Data Worth?

There are various ways to calculate the cost of losing work stored on computers. Perhaps the easiest way to get a gut feel for the cost is to think for a moment about how long it would take to replace lost work. How many people would have to spend how many days to create everything from scratch?

Here is a simple 10-step plan for making sure they do not have to.

1. Have a Strategy

You will not know what approach is right for you until you have answered these questions:

  1. How long can you go without the lost data?
  2. Will you be making full backups or incremental or differential backups?
  3. How quickly will you need data restored?
  4. What solutions will you use?
  5. How secure do your backups need to be?
  6. How long do you need to keep the data for?

2. Prepare for the Worst

If the building burns down, your onsite backups might go the same way as your primary systems. You should think about offsite or cloud backups as part of your plan. At Current Technologies, we help our clients find the best ways to leverage the cloud for a positive return on investment.  We can help you choose the best path forward to the cloud using proven solutions. 

3. Get Help

You might not have all the answers or even all the questions, contacting experts is never a bad idea. Our team at Current Technologies has been helping organizations secure data for over 20 years. Our knowledgeable and experienced employees will work with you to reach the mutual goal of defending your data.

4. How much can you Afford to lose?

Catalog which data would have the biggest impact if you were to lose it. Break data into tiers and work out how long data from each tier needs to be backed up.

5. How long can you go Before your Data is Restored?

The answer to this question will be different for each of the tiers of data you identified. And it will inform your decision about what backup systems you need.

6. Consider your Applications

Not only does your solution need to fit your business needs, but it also needs to suit the applications you run.

7. Choose your Device

What will you backup onto? This is another area where it is worth taking more expert advice.

8. Set up your File Backups

If you are working with someone, you should be able to borrow their expertise to make sure you set up correctly. If not, look for vendor tutorials that walk you through the process.

9. Take a Picture

Do not just set up to backup data. Image backups capture your whole system so that you can restore everything. That includes your operating system, applications, settings, bookmarks, and file states right before disaster struck. Current Technologies is partnered with Barracuda Networks and VMware to maximize ease and minimize cost of image backups.

10. Check and Double Check

Your system is no good to you if it is not working. Check and check again that you are capturing usable backups in the format you are expecting.

We can Help Each Step of the Way

Name *
Name
Our customers love the piece of mind knowing they can be alerted to issues so outages can either be prevented or responded to very quickly because of the visibility our tools provide
— Mark Rhodes,VP - IT Soluions

We Value Your Feedback!

Was this information helpful?
Was this an interesting read?
CurrentTech_Horizontal.jpg