Blog Archives - Page 15 of 41

How can your company benefit from hyperconvergence?

September 22, 2016/in Blog, Cloud Hosting, Professional Services, Storage /by ISG Technology

Computing resources are very often mismanaged within the business world. Considering just under one-third of all servers haven’t processed data within the last six months, it’s clear that there are a lot of inefficiencies within enterprise IT. This kind of ineffective model is exactly what hyperconvergence is meant to solve.

Combining all computing, storage and other IT resources into a singular device is allowing companies to get more creative with their technology solutions. To that end, let’s take a peek at what the average organization can get out of hyperconvergence:

Simplify IT operations

One of the great benefits of hyperconvergence is that it helps IT employees immensely cut down on the number of individualized resources they need to deal with. A hyperconverged infrastructure allows workers the unique opportunity of handling all of these components through a centralized platform. This increases efficiency and enables staff members the ability to treat IT resources as if they were a singular system.

Scale up efficiently

Another great advantage of working in a hyperconverged environment is the fact that these systems can be very easily scaled up or down according to a company’s needs or desires. Organizations need to be constantly growing and innovating in order to continue operations, and scaling up IT needs is simply a requirement of modern business. Due to the fact that hyperconverged infrastructure growth simply requires the acquisition of new nodes, the employees can rest assured they’ll have the resources they need to get the job done.

“Hyperconverged systems can be very easily scaled up or down.”

What’s more, companies from all over the world are seeing just how easy it is to grow under a hyperconverged model. A study conducted by ActualTech Media found that 42 percent of IT workers thought it was easier to scale up within their hyperconverged infrastructure than it was to do so in other IT schemes.

It would appear that many within the business technology community don’t know about this benefit. The same study also found that only 6 percent of respondents stated that scalability was a driving force behind the switch to hyperconvergence. Clearly, this topic needs to reach a wider audience.

This is of course only a taste of what a hyperconverged infrastructure can give to the modern business. That said, this technology has far-reaching implications for many organizations, and its benefits should be carefully studied by those wishing to increase efficiency.

Data dilemma: Where does police body camera footage go?

September 21, 2016/in Blog, Government, Professional Services, Security, Storage /by ISG Technology

As recording technologies get smaller and cheaper, giving police officers cameras to wear on their bodies at all times is quickly becoming a reality. These devices have incredible implications, both for average citizens and for officers, as they allow the courts to cut through all the drama and hearsay in order to get to the truth of what exactly happened. That said, there are a few obstacles standing in the way of widespread body camera deployment.

One of the biggest issues currently facing departments wishing to bring these gadgets to the field is the storage of the video itself. Having a camera running at all times during an officer’s shift creates a lot of footage, and simply deleting this because “nothing happened” isn’t an option. After all, an officer could have recorded something of import without even noticing it. So how extensive is this storage problem, and what can police departments do to ease such a transition?

How much data can a police department generate?

Before delving into the more nuanced discussions of data storage, it’s vital to first understand exactly how much data the average police station can create. Each department will obviously have its own special needs, but a good place to start is the analysis of the Chula Vista, California, police department’s data storage given by Lieutenant Vern Sallee in Police Chief Magazine.

Sallee stated that his station had 200 sworn police officers that were using body cameras in their daily rounds. After playing around with their current setup, Sallee’s department found that a 30-minute video demands around 800 MB of storage. Accounting for all officers with cameras, Chula Vista could generate around 33 TB of data annually. To put this in perspective, Sallee stated that this is roughly the same size as 17 million photographs.

Again, it’s important to remember that this is a rough estimate for a single town. Chula Vista has just over 265,000 citizens, making it larger than the average American city. That said, such a population pales in comparison to the 8.5 million people living in New York City, and implementing a police body camera initiative in this kind of metropolis would be a whole different ball game. What’s more, these larger cities are the ones that need body cameras the most, as they generally have more violent crime requiring forceful police intervention. Clearly, simply finding a place to put all this data is going to be a challenge.

Privacy and security are huge concerns

Another major concern with these body cameras is the privacy of the people involved in the recordings. As stated, departments can’t delete a video until they are absolutely sure that nothing on it could possibly be useful in the future. This means that the actions of a lot of innocent people are going to be recorded and stored, and this has certain civil rights groups worried.

In fact, a coalition of the National Association for the Advancement of Colored People and the American Civil Liberties Union presented some guidelines to legislators in 2015 attempting to govern how these recordings are treated. The group wanted to prevent an overreaching use of facial recognition software, as well as ensure officers were only allowed to watch their videos from the day after filing a report, according to CNN.

“Police officers have the right to discuss personal matters without being listened to.”

On top of that, it’s important to remember that police officers have rights, too. These men and women will be recorded at all times during their shift, which means any private conversations they’ve had with their partners could easily be viewed by a third party. These people have the right to discuss personal matters without being listened to after the fact, and officers shouldn’t live in fear that their superiors will eavesdrop on some conversation that they don’t agree with.

Finally, and perhaps most importantly, all of this is for naught if police departments can’t keep the video files secure. A malicious individual or group could do a lot of damage with the ability to map out an officer’s day-to-day duties, and departments must therefore do everything in their power to ensure these criminals are kept at bay.

Partnering with the right company is crucial

Clearly, there are a lot of challenges to overcome when implementing a body camera initiative. That said, the pros definitely outweigh the cons if police administrators are willing to find the right partner for the job. Any officials looking for a company to assist them in their transition should definitely check out the data storage services offered by ISG Technology. We have years of experience storing information for companies from all kinds of industries, and we pride ourselves on our ability to keep our clients’ data safe. Contact us today and find out what an ISG Technology solution can do for your department.

What does an ISG network assessment look like?

September 21, 2016/in Blog, Professional Services, Security /by ISG Technology

Business technology has become incredibly complex in the past few years. Companies often fall victim to their own success, growing so quickly that the IT department can’t keep up. This can often lead to the network infrastructure being put on the back burner while employees work daily just to keep operations afloat.

Organizations often don’t have the time or expertise to evaluate their own infrastructure, which is why ISG Technology offers comprehensive network assessments. But what do one of these examinations look like, and what can companies get out of them? Let’s take a look:

“No two companies are going to have the same needs.”

What’s the first step?

The problem with laying out a first step for such a complex process is the fact that no two companies are going to have the same needs. A network assessment could mean checking the local compute environment, but it could also have to do with looking at a business’s circuit load. One section of the assessment could be as simple as determining whether or not a physical system has single points of failure.

This is why ISG recommends that companies that come to us looking for a network assessment should first determine what their end goals are. Administrators may not be able to completely vocalize what they need, but they should at least have an idea of what they’re after. Basically, the point of this exercise is to get the organization from its current state to its future state. If we know what a company’s intended future state is, we can recommend clear and decisive actions officials should take in order to get there.

What kinds of issues does the average company run into?

Although each organization is going to have its own unique situation, there are some pretty common problems that our engineers run into on a regular basis. One of the most apparent has to do with mobile devices and their use for work purposes. The Pew Research Center found that just under 70 percent of American adults currently own a smartphone, which means a majority of office workers currently have such a device in their pockets at all times.

Due to the advanced capabilities of these devices, workers are increasingly using their smartphones to access company data. The problem with this is that these employees very rarely take any measures to protect their phones. An infographic from Consumer Reports found that 34 percent of smartphone owners didn’t take any sort of security measures with their phones, and that’s including a screen lock with a four-digit password. Therefore, companies that aren’t taking proactive steps to secure private data from stolen or lost phones are at significant risk of a data breach.

Another major issue we often see is businesses not controlling network physical access in the right way. Many companies are now relying on voice-over-Internet-protocol technology, which allows workers to speak to clients via the Internet. It’s an amazing technology with multiple uses, but IP phones can also be an access point for criminals. These devices require a cable connection in order to get on the Internet. This means that anyone with the ability to get into the office could potentially plug a laptop into one of these cords and instantly access the entire network.

Cybercriminals often break into offices to steal data.

This is of course a very specific example, but it shows that companies often aren’t thinking of network security correctly. The reality of the situation is that hackers really don’t care how they gain access to a business’s information. Whether it’s by stealing an employee’s phone or dressing up as a janitor to plug into the network after hours, a criminal with enough initiative will find whatever holes exist in current security standards and exploit them.

ISG has the experience needed to do the job right

An ISG network assessment has one major component that sets us apart from other companies: experience. The average ISG engineer has been with the company for eight or nine years, which means they know our network assessment playbook backward and forward. They’ve seen all the classic mistakes – as well as some unconventional ones – and they know what the modern business needs to solve these problems.

When you work with ISG, you can rest assured that you’re dealing with some of the most experienced professionals in the field. If you’d like to see what this wealth of knowledge can do for you, contact an ISG network expert and set up your free IT infrastructure assessment today.

What can health care get out of data mining?

September 21, 2016/in Blog, Healthcare, Professional Services /by ISG Technology

Data is being created and stored at a rate unparalleled by any other time in human history. As such, the analysis of this information in order to discover trends has never been as important as it is now. This is especially true within health care, an industry that quite literally deals with life-or-death situations on a daily basis. Mining the data created by both patients and medical professionals has major implications for the field.

With that said, what can health care facilities get out of data mining, and what challenges stand in the way of this trend?

Efficiency while still being effective

As with most other industries, the main benefits of proper data mining are increases in both efficiency and client satisfaction. Knowing how consumers act and what they do can help employees better service them, while also decreasing time spent in areas that aren’t as productive. In health care, a good example of this is the mining of Medicaid data by the Wyoming Department of Health.

Officials from this agency decided that they were spending too much money on certain payments, and worked with Xerox to properly analyze the information they had been collecting for some time. This mining proved fruitful in many areas, but the most important one was emergency room visits. The analysis revealed that there was a sizeable portion of Medicaid patients that were going to the ER more than 10 times per year, according to Healthcare IT News contributor Erin McCann.

ER doctors are very busy and don't have time to deal with repeat visitors.

Two or three trips to the ER is just a bad year, but more than 10 visits means that something has gone wrong. This prompted Wyoming Medicaid employees to call these patients, verifying their status and taking steps to increase their level of personal care at home. The state also instituted a 24/7 nurse hotline to allow Medicaid patients to call in for medical help rather than going to the hospital. This enabled Wyoming to lower the costs of Medicaid ER visits by more than 20 percent, showing just how effective proper health care data mining can be.

The human element is the main disadvantage

“One of the biggest snags data mining has run into is human error.”

As it always is with technological innovations, one of the biggest snags data mining has run into is human error. Something as simple as accidentally including an extra data set due to sleep deprivation can have a major impact on the usefulness of the analysis. In fact, this problem is so apparent that an entire scientific paper sponsored by the Systems, Man, and Cybernetics Society was written on the subject.

The report – which was co-authored by Cheng-Jhe Lin, Changxu Wu and Wanpracha A. Chaovalitwongse – stated that researchers wishing to do away with human error must take a two-pronged approach. First, officials must take a top-down approach for implementing behavior modeling. These administrators must show employees what is expected of them if they ever hope to properly mine data. After this, analysts must take a bottom-up approach in order to determine who is making the most errors, as well as how many mistakes each person will most likely make in the future.

Data mining may have some hurdles to overcome in terms of human error, but this certainly won’t stop the process from continuing to work its way into health care. The medical industry is all about efficiency, and proper analysis of big data sets can help doctors and nurses improve patient care. What’s more, as the Wyoming Medicaid example shows, data mining can also help administrators determine where resources and time are being wasted, therefore giving them the ability to make changes to improve overall productivity.

Office 365 and the value of cloud-based solutions

September 16, 2016/in Blog, Cloud Hosting, Professional Services, Security /by ISG Technology

Microsoft’s Office 365 has made a huge splash within business IT. In fact, a study from security firm Bitglass found the service to hold 25.2 percent of the enterprise market in 2015, which was a 300 percent increase over the previous year. This even beat out Google Apps, hoisting Office 365 above the competition and showing just how valuable this solution is.

That said, many organizations are hesitant to make the switch to cloud-based platforms for a number of reasons. To that end, we’d like to dispel some rumors about Office 365 and get to the heart of what makes this service great.

Cloud-based solutions make sense for multiple verticals

“The cloud’s many advantages simply cannot be ignored.”

The cloud’s many advantages simply cannot be ignored at this point. The technology’s ability to increase innovation and flexibility while also keeping costs low is an incredibly central part of its selling point. In fact, Matthew McClelland of Blue Cross and Blue Shield of North Carolina has stated that these exact reasons were the drivers behind his organization’s switch to Office 365.

“We were often stuck in the old way of doing IT,” said McClelland, who is the manager of the information governance office at BCBSNC. “Slow waterfall-style projects that took a lot of time to roll stuff out. When you add up the cost of everyone’s time, impact to our operations, the impact on the day-to-day work of users, it’s expensive.”

Of course, health care isn’t the only sector seeing the benefits of cloud-based solutions like Office 365. Fortune quoted Curt Kolcun of Microsoft as saying that the number of Microsoft Cloud for Government users is around 5.2 million, which includes Office 365 as well as other cloud services.

Regulatory compliance is a must

Of course, many sectors have more to worry about than cost and flexibility. Regulatory standards, such as those imposed by the Health Insurance Portability and Accountability Act, come down hard on institutions that can’t follow the rules. In fact, a violation of HIPAA carries a maximum annual penalty of $1.5 million.

Again, this is where Office 365 shines. McClelland also reported that HIPAA used to be a “hurdle” for medical cloud migrations. However, Office 365 is now HIPAA-compliant, ensuring McClelland’s organization stays on the right side of the law.

ISG Technology can help with your transition

While Office 365 clearly has many benefits for all kinds of institutions, making the transition can sometimes be difficult. To that end, it makes sense to partner with an experienced company that knows all about what a move to the cloud means for an organization. ISG Technology is more than happy to be that partner for you.

Our trained professionals have the experience necessary to help you navigate the tricky waters of transition, both in terms of overall cost and regulatory standards. We know how important this move is to you, and we’re here to help you every step of the way. Contact an ISG Technology representative today and find out what your organization can get out of Office 365.

Securing A Mobile-First Digital Workplace

August 2, 2016/in Blog, Communications, Professional Services /by ISG Technology

With the growing millennial presence in the workforce today, it’s safe to say GenMobile has definitely arrived. GenMobile isn’t about a specific age generation; rather, a “changing-how-we-do-work” generation. Think about how we do things today versus five or even ten years ago. No longer do we need to come into a dedicated office space between specific hours of the day to get our work done. GenMobile is an always-on-the-go, yet more-connected-than-ever generation, and it’s changing the way IT responds to their business needs.

Today, mobility is everywhere – and it can benefit everyone. If you are an employee, and your child is sick at home, you can be home with them and still meet your deadline. Maybe you are more focused at ten o’clock at night, versus ten o’clock in the morning. Employers benefit from mobility for those same reasons.

Mobility also affects the business-to-consumer relationship as well. As more companies develop applications that customers can interact with on their smart devices, both parties benefit. Customers benefit from a variety of ways – from product information and reviews to location-based services that lead them around the workspace. Businesses pull valuable information about their customer base through these apps – from what products are generating a lot of interest online, to where customers are spending their time, and when.

Workspaces are changing as well. IDC claims there are over 1.3B mobile workers today, or 1.3B people who aren’t tied to a specific network port. Think of that unoccupied cubicle space in your office. Can you tell me that 100% of your cubicles are in use by a specific employee – not as storage space – as an actual desk space? On average, these spaces are sitting unused at $14k per cube. If it fits the needs of the workspace, what’s holding an organization back from going wireless?

The Internet of Things couldn’t be what it is today without mobility. IoT is all about the sensors, and most of those sensors connect wirelessly. IDC claims that by 2017, 90% of datacenter and enterprise systems management will rapidly adopt new business models to manage non-traditional infrastructure and BYOD device categories. That screams IoT. The only thing more important than those sensors, is securing the data that those sensors are gathering. If the integrity of the data is compromised, what’s the point of the sensor?

With all of these changes in mobility, and everything already coming from IoT, how do you respond? How do you accept these business-advancing changes while keeping your company secure? It all comes down to access – who has access to what on what device at what time. How do you enforce changes as your business changes? Let’s take a look at a few features that will help.

Authentication and Authorization

802.1x – It doesn’t matter if it is wired or wireless, 802.1x provides a great level of control over network access. Being able to throw a connection to a quarantine VLAN if/when needed keeps internal data and services safe.
Device Profiling – Having specific information about devices on your network can help create workflows and enforcement policies. It allows you to know what behavior you should expect from the device, and take action when that device is exhibiting unexpected behavior.

Identity-based Security – Not everything connects to the network through a wired port. The system needs a way to find out who is on the network, so that it can enforce proper permissions to its users.

Network Access Control Services

Device Differentiated Access – Being able to control not only who has access, but by what device, can help keep expected connections safe and unexpected connections off the network.

Managed Guest Access – Setting up an open Wi-Fi network with an Internet connection is not a guest network anymore. Bandwidth throttling, self-registration, and connection length monitoring are a few capabilities you need to have to provide a safe guest network.

Health/Posture Checks – Making sure that trusted devices are staying compliant before they reconnect to the network keeps networks safe.

Architecture and Coverage

Scalability – You never want to paint yourself into a corner when architecting a solution. Business growth shouldn’t mean ‘ripping and replacing’ architecture. Scalability is key.

Context Capture – Sharing information between systems can be extremely valuable. Why can’t your NAC solution benefit from information that your MDM solution has?

3rd-Party Integration – What happens when two companies merge? Often times, multiple hardware platforms are a result, but multiple connection scenarios shouldn’t be. IT needs a solution that has the ability to control a wide breadth of hardware, so the users see the same connection experience, regardless of what they are connecting through.

Management and Visibility

Workflow Automation/Template-Based Simplicity – Workflows should be easy enough for users to follow successfully, yet structured well enough that IT gets the information they need from them. These workflows can be created from templates – standardized, that all IT tiers can support them and a win-win for both users and IT staff.

Intelligent Reporting – This term shouldn’t seem like an oxymoron anymore. With a system that is natively aware of all of its parts, reporting should be simplistic yet specific. No more need for a flood of reports, just the ability to piece together what you’re looking for.

At the core of these 4 feature sets is security. The individual pieces of these feature sets are useful, but without security being at the core, they are worthless. Deploying security that works behind the scenes without interfering with a user’s productivity is what the industry is yearning for.

If we combine these 4 feature sets together and we make sure that security isn’t just a ‘bolt on the door’ but an actual part of the solution or part of the DNA, what do we get? At its most foundational level, we get IT adapting authentication to mobile requirements. To do this, we really need 3 things – policy, context, and visibility. We need policy to help us control who we have connecting to what and from what device. Context identifies users and their devices and helps keep policies and enforcement current. Visibility is what ultimately allows us to see how effective our policies are, and gives us the eyes we need for effective troubleshooting. Policy, context and visibility are their own separate powerful entities, but making them work together is far more powerful.

So, IT adapting authentication to mobile requirements seems obvious enough. After all, users need what they need and IT needs what they need, but there’s no reason why both parties can’t have their cake and eat it too. Have you met my friend, Aruba ClearPass?

Aruba has put together a pretty sophisticated authentication engine to run access to your network. ClearPass can handle everything – from onboarding devices for part of your BYOD strategy to managing access to your guest network to providing enterprise AAA including RADIUS and TACACS+. ClearPass also has over 100 vendor dictionaries to make sure that regardless of your hardware platform, ClearPass will be able to not only communicate with it but also make sure that your policies are being enforced through those devices. Having all of these possibilities through one product and not bolted on or piecemealed together, helps ensure consistency throughout the entire ClearPass experience.

New Call-to-action

Colocation – 8 Terms to Know

June 17, 2016/in Blog, Cloud Hosting, Continuity /by ISG Technology

Colocation continues to evolve every year as needs for storing mission critical information change. For many companies, balancing profitability of IT with constant repairs, downtime, and continuously improving security has become overwhelming. As such, colocation is in demand, simply because it makes good business sense.

When determining if colocation is the best solution for your company and how it aligns with your company’s long-term strategy, you may come across a few new terms. To help you during the discovery process, we created the following list of 8 key colocation terms that you can share with your team:

1. Hybrid Colocation – the act of storing data both on and off-site.

2. Rack Space – the amount of physical space you will need to house your servers off-site.
3. Cabinet Space – a cabinet is the term commonly used to reference one full rack (42-47 U). Half and full racks as well as space by the unit can be rented at most colocation facilities to house your company’s servers.
4. Cage Space – provides an added layer of physical security. The additional layer of protection provides you with the peace of mind that no one will have access to your highly sensitive date.
5. Uptime – refers to the availability of your servers and is often measured in a percentage. A data center’s estimated uptime is categorized by tiers. Tiers range from 1-4 or 99.61% – 99.99% expected uptime. What is your uptime?
6. N+1 Redundancy – have an independent back-up in case of failure to assure that your data remains available. A common example includes: back-up generators.
7. Service Level Agreement (SLA) – a contract outlining what level of service the provider will deliver and what consequences there will be for not abiding by those commitments. Addresses: performance, reliability, and support.
8. SSAE 16 SOC II – a detailed auditing report created by the AIPCA, is designed specifically to evaluate a data center’s security, availability, processing, integrity, confidentiality, and privacy. It also replaces the use of SAS 70.

To learn more about Colocation, download our free white paper: 4 Factors to Consider with Colocation.

Lessons learned from the Bangladesh Bank hack

May 11, 2016/in Blog, Cloud Hosting, Continuity, Finance, Security /by ISG Technology

Years ago, bank robberies were a very physical affair. Criminals donned ski masks and shot automatic weapons in the air, shouting for tellers to step away from the silent alarm buttons. That said, it would appear thieves have decided that this is just a little too much work. Hacking banks in order to steal money allows for the same reward without having to deal with a hostage negotiator.

In fact, the most recent cyberattack levied against Bangladesh Bank shows just how lucrative these schemes can be. The hackers involved in this scenario made away with around $81 million, which is more loot than any ski-masked thug could ever carry away. However, perhaps the most interesting part of this whole debacle is that this is nowhere near what the culprits originally intended to get. Investigators have discovered that the original plan was to take close to $1 billion when all was said and done, according to Ars Technica.

Unfortunately for the individuals involved, a simple typo wrecked what could have been the biggest criminal act of all time. A transaction meant for the Shalika Foundation was spelled as “Fandation,” which tipped employees off that something was afoot. Regardless, this is still a massive undertaking that demands intense review.

“Bangladesh Bank isn’t completely free of blame.”

How did they get in?

To understand how this whole scheme began, it’s important to comprehend how Bangladesh Bank sends and receives funds. Institutions like this rely on SWIFT software, which basically creates a private network between a large number of financial organizations. This lets them send money to each other without having to worry about hackers – or so the banks thought.

Gaining access to the transactions within this network was basically impossible, unless someone were to be able to compromise a bank’s internal IT systems. This is exactly what the criminals did.

However, Bangladesh Bank isn’t completely free of blame here. The only reason that hackers were able to gain entry was because the financial institution was relying on old second-hand switches that cost about $10 each. Considering how much was at stake, pinching pennies in such a crucial department seems incredibly irresponsible in hindsight. What’s more, the bank didn’t even have a firewall set up to keep intruders out.

Once hackers bypassed this low level of security, they were given free rein to do as they pleased. Accessing Bangladesh Bank’s network allowed them to move on to SWIFT, as the cheap switches didn’t keep these two separate. However, the really interesting part of this whole criminal act was how they took the money without anyone noticing.

Why weren’t they discovered sooner?

In order to make off with the cash, the criminals had to access a piece of software called Alliance Access. This is used to send money, which allowed the hackers to increase transactions in order to make a profit. However, Alliance Access also records transactions. This was a big problem for the thieves, as they couldn’t make money if someone knew they were stealing it.

To fix this, the hackers simply inserted malware that disrupted the software’s ability to properly regulate the money that was being moved. On top of that, this malicious code also modified confirmation messages about the transactions. This allowed the criminals to continue to operate in obscurity, racking up millions of dollars without anyone being the wiser. In fact, they would have gotten close to $1 billion if one of these altered reports didn’t have a spelling error.

A small error cost these hackers hundreds of millions.

However, understanding so much about how Bangladesh Bank’s system worked has pointed investigators to the notion that this was an inside job. In fact, The Hill reported that “people familiar with the matter” know that a major suspect is a person who works at the bank. No one has been named yet, but getting an employee in on the job certainly makes sense.

Network assessments are a must

Regardless of whether or not this turns out to be an inside job, the fact still remains that Bangladesh Bank was incredibly vulnerable to a hack like this. Relying on cheap network switches is bad enough, but not having any sort of firewall is a major hazard that modern institutions simply cannot allow.

This is why every company should consider receiving a network assessment from ISG Technology. Our skilled experts know how to spot glaring vulnerabilities such as these, and can suggest fixes to ensure the security of private data.

How ISG handles HIPAA compliance

May 10, 2016/in Blog, Cloud Hosting, Healthcare, Security, Storage /by ISG Technology

Health care data is heavily monitored in the U.S. The Health Insurance Portability and Accountability Act has very strict regulatory standards about how this kind of information can be handled. One wrong decision could result in some hefty fines, even if the person or organization didn’t know they were making a mistake. The American Medical Association has stated that even accidentally violating HIPAA could cost a medical facility up to $50,000 per violation.

Clearly, making a mistake when handling medical records isn’t an option, which is why ISG Technology works with health care providers to ensure they don’t stumble. But what exactly can ISG do for you?

“Accidentally violating HIPAA could cost a medical facility up to $50,000 per violation.”

Issues with security aren’t always apparent

The main advantage of partnering with ISG is that we can help you get ready for an actual HIPAA compliance audit by zeroing in on problems you might not even notice.

One of the main issues our engineers run into when assessing a hospital’s network is the fact that security credentials often aren’t taken as seriously as they should be. Basically, employees who only need to view certain kinds of data are often able to access information they shouldn’t be able to see. In an average hospital network, only about two or three employees should be given admin privileges. However, ISG experts often come into an assessment and find that 100 workers in a 700-user system will have domain admin accounts.

This is a problem because it creates a huge number of entry points for a hacker who can socially engineer her way into accessing one of these accounts. According to past experience recounted by security firm Social-Engineer, more than two-thirds of employees will provide a stranger with their information such as their birthday, Social Security number or their personal employee ID. A hacker could easily call into this hospital and use this information to trick a staff member into giving them login credentials to an admin account, thereby allowing the criminal free reign over a network.

Hackers use social engineering to get data.

ISG can help you fix these problems and pass an audit

HIPAA audits are extremely comprehensive, and getting a perfect score is next to impossible. In fact, as the above example shows, health care facilities often have numerous issues that they don’t even know about, which can decrease an organization’s standing if an auditor were to discover these problems.

ISG can help these facilities decrease the number of red flags to a manageable and reasonable number, thereby increasing the chances of passing an inspection. Health care data is extremely private, and ensuring its safety should be a top priority.

How does culture affect hybrid IT integration?

May 10, 2016/in Blog, Cloud Hosting /by ISG Technology

The culture you have created at your business should be something you are constantly evaluating. Not only does it affect employee retention and recruiting, it also has major repercussions when attempting to implement a hybrid IT solution. Blending your own IT team’s services with that of an outside provider is never a completely smooth process, but having a poor internal culture can make it even bumpier than it has to be.

That said, culture does not exactly have a quantifiable metric, so deciding whether or not your employees are ready for this kind of service can be difficult. What does an office that is prepared for hybrid IT integration look like, and what can you do to get your workers to that position? Let’s find out:

“IT departments have become overwhelmed.”

Your IT team hasn’t failed

A good place to start with a hybrid IT integration is to make sure everyone understands that your internal IT department is not at fault here. Many employees jump to the conclusion that contracting a managed service provider to handle certain functions is the first step toward fully outsourcing IT. As an administrator, it is your job to quell these notions.

With the massive increase in technological reliance in recent years, IT departments have become overwhelmed. In fact, Robert Half Technology found in a study that CIOs believed their tech teams to be understaffed by about 42 percent. Explaining that this integration of hybrid IT is to allow your internal department to focus on future goals rather than putting out daily fires can help quell any panic from employees.

Emphasize innovation from the top

Another reason employees are hesitant about hybrid IT is the fact that they probably have gotten used to the old way of doing things. In fact, getting employees out of a rut is actually one of the best benefits of this service. Shaking things up from time to time helps fight complacency, but it has to come from the top of your organization. This means getting all executives on board and actively engaged in this transition.

If not, you could become part of the roughly 90 percent of respondents in a recent Hitachi Consulting report that stated legacy systems were getting in the way of innovation and growth. Innovation should be a major part of any company’s business model, and hybrid IT can help you work toward it.

Be specific with what will need to happen

Finally, and perhaps most importantly, administrators need to keep employees as informed as possible about this transition. This starts by being specific about what operations will have to be moved when discussing the integration with your current IT team. Just saying “we need to move to the cloud” is not good enough.

On top of that, you’re going to need to be extremely transparent with the rest of your employees. Backlash from workers is very common in these situations, and the only way to minimize this is to make sure everyone knows what’s going on and why these operations are changing.

Hybrid IT is certainly a deviation from the norm, but that’s the whole point. Change is a good thing if handled correctly, so make sure you choose a solid managed service provider to get the job done right. ISG Technology’s years of experience integrating hybrid IT can help make sure your transition is as pain free as possible.