When we think of monsters, we often conjure thoughts in our minds of vampires, zombies, or that giant marshmallow terrorizing New York City in Ghostbusters. In real life though, especially at work, the monsters we face are more realistic and often easier to tame. From the old server accumulating dust in the closet to that one employee you know is clicking on suspicious links without care, IT monsters are all around us. In the spirit of the Halloween season, we’d like to take you through the seven biggest monsters in IT and how you can tame them.
1. Password Management
Password management is one of those monsters in IT we’ve all heard of but few of us actually get right. Just like Gremlins come with their own set of rules to follow (lest you end up with an army of furry creatures terrorizing your town), password management has a few simple, but essential rules you should follow. Following these rules helps to ensure your data is protected, your accounts are secure, and your organization is protected against cyberattacks.
Use a unique password for every login you have.
While it may be tempting to use the same password for Netflix as you do for Gmail, this is incredibly dangerous. In the event your password gets stolen, you’re not only putting your Halloween binge-watching in jeopardy, but your email is also at risk of data loss. Utilizing a different password for each login you have keeps your damage contained to one account, rather than a dozen or more.
Choose complex passwords
“Apple123” or “Password5” might be easy to remember, but they would take hackers mere seconds to break into. Ensure your password uses a combination of numbers, letters, and symbols and is at least 10 characters long. Try to avoid using obvious words in your passwords and use a mixture of capital and lowercase letters. Try a favorite quote and mix in some numbers and a symbol e.g. Tobe23$OrnotTobe
Routinely update your passwords
Just because you’re using the same Hotmail email address you set up in middle school doesn’t mean you should be using the same password you set then as well.
“Unless they’ve been compromised, update your passwords once a year. I change mine yearly as part of my New Year’s routine.” – Jason Ross, Senior Engineer at Tech Superpowers
Remembering dozens of complex passwords and updating these passwords regularly is no easy task. Thankfully, password managers do all the hard work for you. By investing in password management software like 1Password or LastPass, you can have your complex passwords created for you and stored in a secure digital vault. These managers create very complex passwords, and the best part is you don’t have to remember any of them. They will also automatically fill them in for you in your browsers and apps, not only on your computer but on your phone as well.
2. Your Ancient Server
Many companies have an old server that is too important to ever take down, and too old to upgrade properly. Hidden away in a dusty closet, employees glance nervously at it in passing, praying it never goes down. As it ages, backups become impossible to keep up with, and the server stops receiving software updates. Most vendors support systems back a few cycles, so eventually, this server loses system support. The more time passes, the more this monster grows, eventually reaching a point where it can’t be tamed. When it inevitably crashes, you can lose data and your day-to-day operations can grind to a halt.
The old server in the closet is an easily tameable monster as well, provided you catch it early enough. By budgeting and planning your devices’ lifecycles, you can stay on top of aging hardware. Make sure you’re looking 3-5 years into the future and are always aware of which devices in your organization are aging and need to be replaced next. The older your devices are, the more difficult they become to upgrade or replace.
In the event your server monster has grown out of control, your risk should be minimized by your investment in backup software (if you aren’t backing up your data, stop reading this right now and go get that taken care of!) and redundant systems. Our IT approach is all about eliminating single points of failure. Your organization should be set up so that if your server goes down, it’s ok because you have backups in place and another system to take over.
“Follow the 3-2-1 backup mantra: 3 copies of your data, on 2 different forms of media, 1 of which is stored off-site.” – Jason Ross
- Follow the 3-2-1 backup mantra: 3 copies of your data, on 2 different forms of media, 1 of which is stored off-site (preferably in a different state or area of your country).
3. Free Software
Software can be expensive, often more expensive than we think it’s worth. So when you find a free solution that claims to do everything your paid software does, it can feel like a big win. Unfortunately, free software can be one of the sneakiest monsters in IT, luring us into almost certain doom.
“You can’t get mad if you set up a picnic in someone else’s backyard and they turn the sprinklers on. For IT, this translates to not building mission-critical systems that your business depends on with free, unsupported software,” says Jason Ross, Senior Engineer at Tech Superpowers.
Free software often looks good on the surface, but behind the scenes lacks the support services paid software includes. Paid software has the funds to support and update their product, keeping it free from new vulnerabilities and expanding features along the way. Free software quickly becomes outdated and support vanishes. It’s also important to note that often when you’re not paying for something, it’s because you’re the product. Many of these programs use your data as currency, often without your knowledge.
Another hidden monster in the same realm is trying to save money by buying only one license. Not only is it against most (if not all) licensing agreements, sharing a login for a service restricts your ability to audit who’s doing what and when. When a file gets deleted, or you get a huge charge for extra features being added to the account, you don’t know who in your organization made the change.
Stay wary of the software monster trying to lure you into its trap and ensure you’re only utilizing proven software with dedicated support for your organization. Software and licensing costs can be painful, but an ounce of prevention hurts much less than a pound of cure when something goes wrong.
4. Ignoring Compliance
Whether you’re storing PII (personally identifiable information), credit cards, social security numbers, or HIPAA information, compliance can be a many-headed monster. No matter what your industry is, you are beholden to a set of compliance regulations surrounding data and storage of sensitive information. This can go beyond digital compliance and include physical locks on server closets, specific people who can access locations, and more. Records may have to be deleted within a certain time period or kept for a specific length of time.
Understanding all the compliance rules you are subject to can be a headache, and implementing them can be even more difficult. Unfortunately, if you are hit by an audit and caught out of compliance, you can get hit with fines for millions of dollars, whether you were intentionally ignoring compliance or just ignorant of the rules.
So how do you tame the many-headed monster that is compliance regulations? Partner with an MSP (managed service provider) that understands your particular needs and can work with you on achieving them. A solid MSP relationship will work hand-in-hand with you and your organization to ensure data is being stored correctly and you are meeting your requirements in every technology-related area of business.
5. Your Company’s Weakest Link
Often, the biggest monster in your organization is walking among you, unaware that they themselves are endangering the company. A company is only as strong as its weakest link. Even if 99% of your coworkers are following cybersecurity best practices, it only takes one person falling for a phishing scam for your whole company to be thrown into chaos.
Fortunately, this monster is relatively straightforward to tame. Invest in security training regularly for your entire organization and ensure you have fail-safes in place for when something does go wrong. As discussed earlier, eliminating single points of failure will protect your company when something inevitably goes wrong. One simple strategy that has proven very effective is to “game-ify” security. Get some cheap company stickers or challenge coins and hand them out to people who report suspicious emails or are able to navigate a phish-y situation without falling for the trap.
6. Not Investing in a Reliable MSP
An MSP is your proverbial Ghostbusters team (albeit with less humor than Bill Murray and Dan Aykroyd). You don’t love having to pay for their services, but if you don’t invest in them, you can end up with a giant marshmallow (or at least a metaphorical marshmallow in the form of a ransomware attack) wreaking havoc on your organization. A managed service provider does more than remove malware from your computer or fix your internet when it goes down. A good MSP will partner with you to provide a holistic approach to problem-solving and IT projects, helping you not just in the present, but preparing you for the future.
Learn more about what a managed service provider does and how Tech Superpowers is the perfect fit to partner with your organization.
At the end of the day, the best way to tame any of the monsters above is to bring in the professionals. Outsourcing your IT leaves your cybersecurity and technology in the hands of the experts, leaving you to focus on what’s important to you and your business. Contact us today and see how we can help transform your IT and prepare you for the future.