Posts

Posted on

4 Rules of Thumb for Better IT Security

Your business is a target. The simple fact of being in business makes it so. There are a lot of bad actors out there who will go to great lengths to get your personal and financial information, and they have many different and innovative approaches to get it. There are some small steps any business can take to make a big impact in protecting business data.

Here we present our 4 Rules of Thumb for better IT security; a starting place if you’re looking for somewhere to begin.

We can’t stress enough that every business should make it a priority to implement some basic information/technology security standards and regular employee training. Having more discussion on the subject helps everyone in the company learn and shows that management is paying attention. Remember that business data isn’t just word documents and spreadsheets. It’s banking and financial and other information, employee information like social security numbers and direct deposit info, customer, vendor information and more. For even a small business, the possibility data exposure or loss isn’t trivial.

NOOBEH cloud services works to keep your QuickBooks on Azure cloud deployment more secure in a variety of ways, but we always start with a few essential policies. These rules and policies can mean the difference between a small IT annoyance or catastrophic failure and data encryption, loss, or exfiltration. If you haven’t implemented these four essential policies in your business IT environment, today is the day to start.

  1. Always use strong passwords, at least 10 to 12 characters, and make them complex. Require passwords to be updated periodically. Don’t reuse passwords and avoid common words or phrases.
  2. Don’t let users operate with permissions greater than required. In applications, consider restricting functionality based on the role or job requirements. On servers and PCs (Windows, Mac, whatever), make sure users are operating as “standard” users rather than system administrators. When you reduce the permissions granted to users you prevent their accounts from performing possibly harmful actions in the system, like installing malware or damaging programs, modifying settings, or even creating backdoor user accounts.
  3. Control user account information and manage it closely. Simply knowing what user accounts exist can give hackers and phishers enough information to begin targeting logins and applying methods to crack them. Part of this includes making sure to remove or disable accounts for user accounts that are no longer needed. Every unused account that remains enabled is just another point of vulnerability. Protect system and administrative accounts and directories (like Microsoft Active Directory). Make certain that you only grant access to sensitive system and account information when absolutely necessary, and only to a completely trusted source. Also make sure to have at least one “break the glass” (back door) admin account you can use if the regular administrative account(s) become compromised.
  4. Limit the installed software to what is needed for the business and keep it current. Make sure operating systems and applications are up to date, and keep browsers and plugins updated to make sure they don’t become the weak link.

Cyber criminals are delivering waves of cyber-attacks that are both highly coordinated and far more advanced than ever before seen. Endpoint attacks have become complicated multi-stage operations, ransomware hits small business and enterprises alike, and stealth crypto mining got criminals into unsuspecting corporate networks. The year has been awash with massive data leaks, expensive ransomware payouts and the realization of a completely new and extremely complicated threat landscape. The bad guys have upped their threat game in a big way.

Diligence is required to help protect valuable business information assets. Following these four rules of thumb will help the business avoid becoming easy prey and can provide a foundation for greater system security and a more streamlined approach to identity management, applications and access.

jm bunny feetMake Sense?
J

Posted on

Web-based, Hosted and Cloud: The Confusing Journey to Transformation

There is no doubt that businesses of all sizes and types are moving from analog and paper-based to digital and electronic systems. Moving from postal letters to email, “PDF-ing” instead of printing, and EDI rather than manual order entry, businesses are taking on the challenges of transforming their processes one by one.

Cloud computing and virtualization have had a great impact in these areas, providing the foundations for process improvements and higher business intelligence than ever before. Increasingly, businesses are looking to “cloud” to help them do more with their businesses, and to do it better and more profitably.

In looking at cloud – applications, platforms, and services – it is important to understand that different approaches aren’t necessarily mutually exclusive. Many businesses implement a combination of technologies and services, creating their own hybrid approach to doing business the way it works for them.

Web-based, Browser-based

When most small business owners think of implementing “cloud” in their operations, the things that initially come to mind are web-based/browser-based applications. Due in large part to how these products are marketed, web-based apps are among the most widely recognized “cloud” type of service.

QuickBooks Online edition is an example of web-based/browser-based application service. It was built to run in a browser, and you access it over the Internet. These types of applications are often referred to as “net native”, because the only exist as Internet-based service. Other examples are NetSuite and Intacct.

The key with these types of application services is that they aren’t just applications; they are subscription services that include the infrastructure and data storage as part of the solution. You access by going to a web URL in a browser, and login and use the system. You own nothing of the system – not the servers its running on, not the application itself, and (if you don’t pay your bill or export your information) not the data.

What makes these systems “cloud” is that they are running on servers – application servers, network server, data servers etc. – that are all meshed to work closely together. You do not have to worry about (in fact, you often won’t even know) exactly where in the world your system is located, and you have no direct contact with or interaction with the infrastructure on which your application and data are running. As far as users are concerned, their application and data exist “in the cloud” … somewhere.

Hosted applications can also be Cloud

Cloud or not cloud really doesn’t have anything to do with whether the software is browser-based versus disk-based (desktop). Cloud really refers to having a ubiquitous network of connected resources which allows for the creation of dynamic, agile, scalable infrastructure. Google Compute, Amazon Web Services, and Microsoft Azure are the 3 primary (publicly available) cloud platforms.

Online application services generally use cloud platforms and infrastructure to support their software and data, enabling the delivery of services to large numbers of users regardless of where they are located.

Desktop applications can also be run on cloud infrastructure, enabling businesses to access and use their applications and data regardless of location or device, but to retain all the functionality and capabilities of the more mature desktop solution.

For example, NOOBEH cloud services deploys managed QuickBooks and other desktop applications from the Microsoft Azure cloud platform. With Noobeh’s approach, customers can retain essential control of their infrastructure (Noobeh manages it for them, but it is the customer’s private system), allowing it to be configured to be exactly what the customer needs.

NOOBEH Azure hosting is provided as a subscription service and can be changed or adjusted at any time with just a restart of the system. This agility gives businesses what they need now, but also allows the platform to be adjusted to changing business needs. Not having to purchase or invest ahead of needing new resources, as well as reducing the system size if less is ultimately needed, are among the many benefits of using a true cloud platform. Migrating applications and data from on-premises to cloud platforms allows businesses to reduce or eliminate their reliance on locally installed servers and network systems, which is another step in transforming the business and its capabilities.

When a business elects to migrate from desktop to web-based applications for only some functions, the result is often that other applications and data remain active on the local systems. This forces the business to retain their expensive computers, networks and local IT management services and reduces much of the value of a cloud transformation.

On the other hand, if the business elects to migrate to cloud infrastructure it allows them to migrate all their applications, data, and processes immediately, delivering immediate business benefit and providing the right platform for further improvement.
For most small and growing businesses, it is the elimination of concerns about hardware failures, not having to purchase ahead for possible future needs, and having up-to-date secure and compliant systems that deliver the full value and capability of the cloud.

Business transformation starts with the foundation, and a strong information technology platform becomes the base upon which smarter and more efficient processes are built. Whether your company is just beginning its transformation journey or is well on the way, cloud applications and platforms are integral to helping your business keep moving forward.

jm bunny feetMake Sense?

J

Posted on

Keeping Your Financial Software Updated: Annual QuickBooks Desktop Service Discontinuation

It’s time again for the annual QuickBooks Desktop service discontinuation notice, which does not mean in any way that QuickBooks Desktop is being discontinued. Rather, Intuit (the makers of QuickBooks) take this time each year to encourage customers to change to QuickBooks Online edition instead of desktop, or for existing desktop users to {sigh} update their desktop software to keep it working fully.

The features and capabilities of QuickBooks Desktop have evolved over time and through a great deal of usage, making the market-leading accounting software for small businesses something that not even its online counterpart can compete with. While QuickBooks Online edition adoption continues to grow, businesses with more mature and complex requirements continue to rely on the tried-and-true capabilities of the QB Desktop editions.

Yet, as technology and business models evolve, so must certain aspects of the beloved QuickBooks Desktop products. Many of these evolutionary changes center on services delivered within the QuickBooks product or as add-on benefits of a particular license type. With identity, license and service management now being handled, at least in part, via web services, QuickBooks is ever-more reliant upon the Intuit.com account and the ability to validate users, roles, license, and services. It is in these areas that service discontinuations tend to focus as older versions of the product no longer support the new methods.

Here is the information Intuit provides regarding service discontinuation for older versions of QuickBooks Desktop (sans the “migrate to QuickBooks Online” messaging).

When does service discontinuation happen and what does it mean?

Access to QuickBooks Desktop add-on services, live technical support, software updates and security patches are all discontinued after May 31, 2023 for QuickBooks Desktop for Windows 2020. This includes all 2020 versions of QuickBooks Desktop Pro, Premier, and Enterprise Solutions (v20). Versions of QuickBooks Desktop earlier than 2020 were discontinued previously, as this is an annual occurrence.

Here is Intuit’s statement regarding service discontinuation:

“Your access to QuickBooks Desktop Payroll Services, Live Support, Online Backup, Online Banking, and other services through QuickBooks Desktop 2020 software will be discontinued after May 31, 2023. This also means you won’t receive critical security updates starting June 1, 2023. If you receive any security updates before this date, install them.

Products affected by service discontinuation after May 31, 2023.

  • QuickBooks Desktop Pro 2020
  • QuickBooks Desktop Premier 2020 (General Business, Contractor, Manufacturing & Wholesale, Nonprofit, Professional Services, and Retail)
  • QuickBooks Enterprise Solutions 20
  • QuickBooks Premier Accountant Edition 2020
  • QuickBooks Enterprise Accountant 20
  • QuickBooks Desktop for Mac 2020”

Keeping your software up to date is important for a variety of reasons. Not only are new features introduced and software bugs patched or fixed, but security enhancements are introduced regularly to keep your data and accounts safe. Further, regulatory and compliance factors play into some of these updates, as is often the case with online banking service and the like.

Securely connecting to bank feeds, email systems, identity management services and other aspects of software functionality and integration are among the reasons for making sure your accounting software is being updated.

For businesses that don’t use or rely on any of the above services for QuickBooks, the software will continue to work. But, even if the software works after the May 31 date, it might not be a great idea to stay on an older un-updated un-patched and semi-functional version of financial software that you run your business and manage your finances with. Just sayin’.


jm bunny feetMake Sense?
J

Posted on

Competitive and Profitable Construction: What’s it take to get there and stay there?

The short answer is… update your operations and transform the business. It’s time to modernize and embrace the cloud.

Construction firms need to be more data-driven, analyzing and responding to conditions revealed by the various systems supporting the business operation. Turning a profit on complex projects means applying automation to manual processes and workflows, introducing more collaborative tools, and delivering real-time data to gain greater insight into the operation’s performance and profitability. The foundation for all of this is the cloud platform, extending connectedness beyond traditional boundaries.

Digital transformation and the adoption of agile and connected cloud platforms can result in productivity gains of 14 to 15 percent and reduce costs from 4 to 6 percent. These improvements are the way to address fading profits even as the pace of business increases. https://www.mckinsey.com/business-functions/operations/our-insights/decoding-digital-transformation-in-construction

There are several factors that typically weigh down the operation and cause profits to fade. Strained IT resources is a big item for most construction companies, where technical people spend far too much time building and maintaining on-premises servers and networks. Maintaining on-premises servers adds up fast. A single IT manager can easily cost around $150,000 per year, and the “cost of cybersecurity compliance raises the price by an additional $200,000.” (5 Reasons Contractors Need to Modernize Their Operations to Stay Competitive and Profitable by Trimble Viewpoint)

Even when you factor in the costs of hardware, software and IT personnel, those costs don’t include the hidden expenses that come with the use of on-premises servers, like disconnected and siloed data that requires manual processes to use, duplicated data entry requirements (increasing the potential for human error) and more costs for labor. When you figure in all the capital costs and expenditures, on-premises solutions can cost up to four times as much as their original purchase price. On the other hand, NOOBEH cloud servers, deployed on the Microsoft Azure platform, offer reliable, cost-effective solutions to support the variety of important business applications and integrations that high-performance operations require.

NOOBEH cloud services focuses on addressing the pain points businesses have with their IT. We help businesses implement services that promote real collaboration for real use-cases, and we look for ways to connect projects and operational data so it can be analyzed to unlock greater value across the entire enterprise.

Disconnects cause inefficiency, delays, errors, and reduced productivity. Lack of insight on the labor and equipment side leads to uncontrolled resource utilization and a lack of predictability. Jobs get delayed and profits fade. Lost productivity due to duplicate entry of information is leveled at 10%-30% (or more), and these rates are not uncommon. https://www.eckerson.com/articles/hidden-costs-of-duplicate-data.

Clearly, automation, connected workflows, cloud platforms and real-time data are essentials in the transformation and improvement effort. Let in-house IT focus on activities that bring value to the business, finding ways to innovate and improve how things get done. Replace cumbersome, manual processes with software and systems that facilitate greater automation and integration, eliminating redundant data entry and improving the quality of information.

Construction projects are becoming larger and more complex, and project owners want the latest technologies, real-time reporting, and comprehensive approaches to compliance. Today, industry-leading contractors are embracing connected cloud technologies so they can scale and future-proof their businesses.

The modern contractor takes advantage of connected platforms, automation and real-time data that feeds data analysis and business intelligence… innovations only available with the cloud. That’s what NOOBEH delivers.

jm bunny feetMake Sense?

J

Posted on

Building Smarter Businesses

Achieving Growth, Efficiency and Sustainability Through Greater Business Intelligence

Every business needs to know how they’re doing so they can find ways to do better. This is what business intelligence is, and it’s the key to taking advantage of new opportunities and building success.

Consider the IBM commercials that were aired, about developing models for the prediction of traffic conditions in Singapore and “infusing intelligence into the systems and processes that make the world work”.   What they’re saying makes sense, but most business owners would likely say that it addresses bigger issues and doesn’t really speak to them. Yet those messages are for even the smallest of enterprises because you must really understand what’s happening in a business – and how it’s happening – to improve and excel.

The ability to leverage technology to collect data and analyze it in real time can make a huge difference, whether it is in a small business or a global system. With an intelligent approach to enabling the enterprise, we can build smarter and stronger businesses.

“Together, we have to consciously infuse intelligence into our decision-making and management systems, not just infuse our processes with more speed and capacity . . . We are moving into the age of the globally integrated and intelligent economy, society and planet. The question is, what will we do with that?”

former IBM chief executive Sam Palmisano

Business software and systems have reached the point where data collection and raw business intelligence is being gathered in real time by businesses small and large. This is where businesses must transform, replacing paper-based systems with digital workflows and enabling the collection of real-time information as data for analysis.

Forward-thinking accounting and finance professionals realize that accounting is not simply the final resting place for after-the-fact financial data. The finance department is where collected data is turned into actionable information, and information is power.

The competitive landscape for businesses of all kinds is changing along with the progress and adoption of technology.  Business owners and accountants should learn to use the tools which will help them find the patterns and trends in the system that help to forecast more accurately.

Working with NOOBEH cloud services and Mendelson Consulting, accounting professionals and business owners can implement the agile platforms and connected technologies to help achieve the benefits of growth, efficiency and sustainability envisioned by the Smarter Planet initiative.

jm bunny feetMake Sense?

J

Posted on

Is Your Business IT Ready for Industry 4.0?

Over the past several hundred years there have been trends which revolutionized industry and manufacturing around the world… steps taken in an industrial revolution which advanced the evolution of civilization and life as we know it. The first revolutionary phase was combining mechanization with steam and waterpower, and the second was the combination of mass production with electricity. The third was the rise of electronics, IT systems and automation. We are now at the start of the fourth phase of industrial revolution.

PwC’s Insights suggests that Industry 4.0 “refers to the fourth industrial revolution, which connections machines, people and physical assets into an integrated digital ecosystem that seamlessly generates, analyzes and communicates data, and sometimes takes action on that data without the need for human intervention.”

This next phase advances on concepts introduced through digitization and connected frameworks, tying in the industrial IoT (Internet of Things) and smart manufacturing. This meshed model relies on interconnectivity of systems, lots of automation at high levels, machine learning and AI… all collecting and generating data in real-time.

Where physical operations and production join with smart digital technologies, big data, and machine learning, businesses can forge systems which focus directly on manufacturing and supply chain management, gaining new insights and getting actionable data at all levels.

Virtualizing physical resources and digitization of analog data is now coupled with improved access to and management of the platforms. Rather than building out on-prem physical servers and systems, businesses are finding that the agility, scalability, and fault-tolerance of the cloud is necessary when designing an operation that connects, communicates and collects data, performs intelligent analyses, and potentially acts without people getting directly involved.

Every company is different, but all face a common challenge — the need for connection and access to real-time insights across processes, products, and people.

The consulting team at Mendelson Consulting and our NOOBEH cloud services group know how to get businesses in the best position to implement the tools and services that will propel the operation forward. From the most popular and powerful small business financial software to cloud platforms which enable connectivity in applications and workflows, we understand what it takes to help small businesses transform.

jm bunny feetMake Sense?

J