Unplanned Outages: The Real Cost of Your Worst Nightmare

Over the last two decades, the business world has increasingly relied on the internet as a considerable source of revenue. With this reliance, a greater need for the right IT infrastructure has evolved.

According to Gartner, IT downtimes can vary by industry. However, the average cost across the board is a whopping $5,600 per minute. While the monetary cost to remedy a system failure is relatively low, the expense incurred from related downtime costs can be substantial.

We’ll explore both of these areas to paint a complete picture of just what a business can stand to lose in the case of an unplanned outage. 

Financial Costs

The first problem to address is clear. IT outages can hit where it really hurts, right in the money.

In such a fiercely competitive age, downtime clearly spells a loss of dollars for any business.

For this reason, business disruption and lost revenue are the biggest costs incurred during an outage, making up 60% combined.

Business disruption prevents the revenue generation needed to cover fixed costs. Examples of fixed costs are employee salaries, rent, equipment costs, insurance etc.

Perhaps this is why KPMG reports that 2 hours of downtime is simply unacceptable for 24% of organizations.

How to calculate financial costs

The following formula is a great place to start for an idea on what an unplanned outage costs your business. Calculating your cost-per-minute requires an understanding of your yearly operational costs that can be broken down into cost-per-minute.

Outage cost = minutes of downtime x cost-per-minute.

In addition to immediate costs, unplanned outages come with other costs. Some of these costs may be unintentionally left out of cost analysis since they may be difficult to accurately assess.

These opportunity costs should be on every business’s radar and effectively calculated into total downtime costs.

Contingent Costs

Perhaps one of the most troublesome costs directly impacted by an unplanned outage is the decrease in productivity that employees will experience due to interruption.

In order to have an accurate idea of the effect on productivity, businesses should account for the length of the downtime and the average time it takes an employee to refocus on an abandoned task. This time can be considerable according to The Washington Post. They reported that an average of 238 minutes are lost to interruptions daily.

The chain reaction from unplanned outages extends much further, compromising the following areas:

  • Employee morale
  • Customer loyalty
  • Brand image
  • Supply chain management
  • Compliance violation fees
  • Lost or damaged equipment costs

While it’s true that outage costs have skyrocketed, the answer to this dilemma is clear. Businesses must commit to implementing a plan.

Unplanned outages are an unavoidable aspect of being in business, but with the right team in place you can minimize them. This is exactly why your business can benefit from managed IT services.

As an experienced managed service provider, we can provide an IT infrastructure that manages unplanned situations before they even occur. Call us today to schedule your consultation and discuss what solutions we can offer to your business.

Cloud Computing Breakdown: Revealing What It Actually Means

Over the years, the “cloud” has become a term loosely used, but not so accurately understood. It is nothing more than a metaphor for the internet. This metaphor was drawn from diagrams in the past used to depict network connections. Similarly, cloud computing has become a buzzword even further misconstrued. As a cloud computing service provider, we are pleased to offer some insight on the topic.

Put simply, cloud computing refers to services being offered via the internet. Traditionally, applications and programs have been housed on a local, physical device. However, cloud computing facilitates remote data storage.

Many devices can access that data as long as they are connected to the internet. This introduces a plethora of benefits to enterprises of every size. Some of those benefits include:

1. Reduced expenses

Cloud computing reduces the investment needed for hardware & facilities. In a traditional business setting, hardware storage can assume a considerable portion of any equipment budget.

Moreover, the space to house a large data center can come with a hefty price tag. Cloud computing negates the need for these expenses which saves money in the long run.

2. Increased data security

Data breaches can be devastating for any company. They impact reputation, customer loyalty, and finances. The cloud offers stringent security that surpasses the security available in a local computing scenario.

3. Disaster recovery

Certain circumstances can lead to loss of a device, whether by natural disaster, theft, or accident. In this case, the “cloud” allows a user to access their data another device. In turn, the cloud prevents disruptions in productivity that might otherwise have occurred.

Of course, cloud computing offers plenty of other benefits such as scalability and mobility, to name a few. Both benefits allow enterprises to maintain a level of fluidity that is key to running a successful business.

In fact, fluidity may be the most important component of cloud computing. All cloud services boast the benefit of agility. Such agility allows enterprises to access a network of resources and prebuilt services that improve workflows. Moreover, these additional resources may come at minimal cost to the business since the cost is in direct proportion to usage.

The resources used will vary by company since there are many types of services available. Business may utilize any of the following:

  • Infrastructure as a Service (IaaS)
  • Platforms as a Service (PaaS)
  • Software as a Service (SaaS) 
  • Functions as a Service (FaaS) 

Whatever the service that your business finds helpful, Starfish can help! Contact a member of our team today to discuss your business needs. We would be happy to guide you through selecting a service that best fits those needs, resulting in a more productive business.

How the Healthcare Sector Is Being Targeted

Many hospitals are already stretched thin in the ongoing COVID-19 pandemic. Hackers now have the perfect sweet spot for attack. As a result, threat actors have targeted the healthcare sector in a stream of attacks. They have impacted nearly two dozen hospitals across the United States.

For example, hackers infiltrated the University of Vermont Medical Center in late October of this year. The attack impacted the phone lines first. Next, the internet went down. The infrastructure went down along with it.

The staff scrambled to access medical records, databases, and other imperative tools. The chaos that ensued is one that other hospitals have also been faced with.

Healthcare sector held hostage

Cyber criminals are using technologies like Ryuk ransomware to target the healthcare sector. Ryuk has been linked to two Russian cybercriminal groups, Wizard Spider and CryptoTech.

Using this ransomware, threat actors can lock hospital systems and demand a ransom. Hospitals are an easy target because they depend on their systems. They are often more willing to quickly meet the demands of hackers because of this dependence.

As the healthcare system has been burdened, that reliance has expanded even more. Criminal organizations are now seizing this opportunity to extort hospitals.  

Of course this threat to the healthcare sector goes beyond the enterprise level. Private healthcare information is also at risk. Such sensitive information is susceptible to extortion at the individual level.

After all, ransomware can open up access to patient details like healthcare history, social security numbers, personal contact, and billing information.

How should the healthcare sector respond?

Cyber crime has increased across the board this year, but the threat to the healthcare sector is even more troubling. The threat goes beyond financial impact. Attacks on hospitals can be life-or-death scenarios.

Members of the healthcare sector must be vigilant, as threats become more sophisticated. Hospitals should also look for opportunities to work with peers, leaders in other sectors, and law enforcement agencies.

Starfish is here to help small to mid-sized business in the healthcare industry. Take one step in the right direction to a safer, more secure environment for your practice and your patients. Schedule a consultation today.

3 Steps To Protect Your Tech From Malware

If you’ve noticed suspicious activity on your business or personal computer, act with haste. You should take precautions to detect any malware and remove it. Before you take action, it can be helpful to do just a little research to confirm your suspicions. Consider the following questions to determine if your worries are warranted:

Are your fans spinning more vigorously than usual?

Do you encounter frequent pop-up messages while browsing?

Do you experience redirects to unintended websites?

Does your browser freeze or crash often?

These are just a few symptoms to consider if you believe your computer has been infected. If you determine that your computer is infected, you can take these three simple steps right away to resolve the problem.

1. Back up your files & enter safe mode.

Before troubleshooting your computer, backup your files to an external drive or network location. However, not all files should be backed up.

Limit this process to files that you have created. Refrain from backing up computer programs since malware could be hiding in these files.

If any program files are lost, you can reinstall them at a later time. Once you’ve backed up the recommended files, restart your computer in safe mode.

Safe mode is an operating mode within any computer system that limits your computer’s functions. It is useful for fixing any issues your computer is experiencing. By restarting your computer in safe mode, you can often prevent malware programs from reopening. 

As a result, you can gauge whether your device’s dysfunction is due to programs that load as your device starts up.

2. Download & run a malware scanner.

Next, you should find an on-demand malware scanner that will successfully detect any malicious software. Many of these programs are free or offer free versions for personal use. However, enterprise use comes with a fee.

You’ll find many options on the market. The following list outlines some reputable solutions available:

Once you’ve selected a malware scanner, run the program to identify any corrupt files. The scanner will show results once the scan is complete and give you a chance to remove any harmful software.

3. Restart & reset.

The last step in the process is to restart your computer to disrupt any running malware. After restarting your machine, monitor its performance closely. If you still believe your device is not functioning properly, you can try a more comprehensive scan. 

No scanner is 100% accurate. Unfortunately, there are certain types of malware that may be undetectable by some programs. 

Malware has become more sophisticated. As a result, businesses must have a response plan in place for suspicious activity. If you’re looking for a managed service provider to help you craft that plam, we can help! Call us today to set up a free consultation with Ohio’s top-rated IT company.

Cloud Services: Solving Data Storage

Data storage is an issue that every business will have to face at one point or another. Data accessibility is crucial for efficient operations. However, it can be a challenge to ensure that data is both readily available and secure. Cloud services are the answer to that challenge.

Before the Cloud

Before cloud services were widely in use, businesses historically stored their data on physical storage devices. These storage methods included hard drives, flash drives, and SSD’s. They presented two major challenges.

First, data can be easily lost using these storage methods since equipment is vulnerable to physical damage. Second, data stored on hard drives requires someone to be in close proximity to gain access. 

As a result, data silos were a common experience before the cloud. Data often became trapped in the hands of one person or department within an organization.

For this reason, collaboration is much more difficult within businesses that do not use the cloud to store essential data.

Since the concept of the cloud was first popularized over a decade ago, cloud availability has increased and the service cost has dropped considerably.

The use of cloud services is no longer limited to major corporations, but increasingly used by small and mid-sized businesses alike. The new data storage method comes with unquestionable security and accessibility benefits.

Secure Data

There are many occurrences that can pose a threat to data stored locally. To start, there is always a possibility of machine failure, infection, or theft. Additionally, your data becomes vulnerable to natural disaster or accidental occurrences such as a fire or flooding.

Cloud services offer businesses a chance to store data remotely and redundantly. Redundant storage refers to information being stored in at least two locations. This guards against external threats like those mentioned above.

Accessible Data

The growth of a business is dependent on ironing out processes that impede daily operations. One major obstruction to operations can be difficulty accessing data.

This obstruction can inhibit employee productivity and lead to wasted resources. For instance, if one department within a business has control of data that could be useful to another department, cloud services help to bridge that gap.

Service & Support

If you are not currently using cloud services to support your business, a managed service provider can give you the support you need to better manage your data. Talk to a Starfish specialist today about the cloud services we offer to provide support to your business.

Managed IT Services: Why Your Business Needs Them

Technology has integrated into every part of business operations. As a result, many organizations are looking outside of their own workplace to meet increasing IT needs. Managed IT Services offer companies a chance to meet these evolving demands through the use of a third-party IT provider. This provider is commonly referred to as a managed service provider(MSP).

Managed service providers offer either complete or supplemental IT services. Complete IT services may be ideal for businesses who do not have a current IT provider. In contrast, supplemental services allow businesses with a dedicated IT team to outsource as needed.

Let’s examine some of the reasons a business may consider bringing on an MSP to handle specific IT needs.

Address IT needs proactively.

Whether a business is in the market for complete or supplemental IT services, one thing is certain. All businesses must approach IT needs proactively.

With virtual landscapes constantly changing, the need for dedicated personnel to keep up with those changes has become a necessity.

Prevent network downtime.

Businesses across every industry depend on proper network function. Networks allow them to connect their employees, provide access to essential information, and perform key business functions.

As a result, downtime can be costly, resulting in a loss of sales and new customers. Moreover, it can also lead to a decrease in productivity, loss of data and have an adverse affect on brand reputation.

Understaffing is one common reason for frequent IT outages. If there is not a dedicated team to monitor the network 24/7, downtime is likely.

Cut in-house IT costs.

Savings potential is a driving factor for many businesses to outsource IT needs. For small to medium-sized businesses with limited resources, outsourcing is a great way to cut back on operational costs.

Outsourcing cost advantages can vary depending on the task. However, there are consistent savings brought by reducing or eliminating training costs, salaries and benefits.

Businesses can hire skilled professionals to perform work as needed. This can cut the hefty cost of an in-house IT team. Alternatively, if an onsite team is essential, MSP’s can be great to use for focused projects or tasks. By reserving unplanned needs for MSP’s, businesses can allow onsite employees to stay dedicated to long term IT goals. Moreover, businesses can save money by paying on a per product basis, without taking on additional staff expenses.

Address remote office IT needs.

The workplace has shifted drastically in the wake of COVID-19. We shared some tips recently for businesses as they adjust to the demands of this new norm of remote work. To be clear, part of that plan should include consulting with an IT professional.

Employees working from home have opened the door in new ways to cybercriminals. It is imperative to have a dedicated team working twice as hard to counteract those risks.

Communication has largely taken place in a controlled, centralized environment. It has now been spread across open format platforms such as Zoom that are difficult to secure.

Globally, the Managed Services market is on track to meet growth projections from $178.5 billion in 2019 to 309.4 billion by 2025. The COVID-19 pandemic may contribute to market growth estimates being reached sooner due to an increased demand for cybersecurity talent.

If you are looking for an MSP to meet your business’s current IT needs, call us today and speak to a Starfish specialist. We’ll show you the difference between Starfish and other IT companies!

If you’re still wondering how Managed IT Services fit into your business model, here is some information you might find useful.

Phishing Scams Employees Must Avoid

In 2020, security threats have risen to an all-time high. Many of these threats come in the form of phishing scams. Phishing scams trick you into exposing sensitive information like passwords, account numbers and other personal information. 

This information in the wrong hands can be detrimental to any individual or business.  Scammers commonly pose as an individual or institution that you trust. For instance, they may do so through fake emails, websites, or social accounts. Commonly, they will assume the  identity of your bank, an online store you’ve purchased from, a government agency or even a coworker.

Top phishing scams of 2020

Scammers are constantly finding new ways to deceive innocent people. They change their tactics often to catch their unknowing victims off guard. As a result, thousands of phishing attacks take place every day. Here are some to watch out for:

  1. Typosquatting 

Hackers will buy domain names of common misspellings for reputable companies. For instance, to target Apple Customers, a hacker might purchase the domain “www.Appl.com”. Moreover, they can build a site that looks legitimate to any visitors unlucky enough to find it. That site could lead to malware being downloaded onto a device. Additionally, it may result in your information being collected during an attempted log-in.

  1. Fake Log-In Pages

Fake log-in pages mimic trusted sites like an email account. They can be fairly difficult to distinguish from a valid page. As a result, login credentials can easily be compromised. This is perhaps the easiest way for a hacker to gain access to an account.

  1. Business Email Targeting

Business email targeting is a phishing tactic focused on specific people within an organization. Technology and financial companies are the most frequent targets. Once scammers have gained access to specific business emails, they can use deceptive tactics to reach key stakeholders. As a result, they can extract business or personal funds from their intended victims. This type of phishing has risen with many employees working from home. We explore similar challenges and offer tips in a recent blogpost on cybersecurity tips for remote work.

  1. Deepfake Scamming

Deepfake technology uses artificial intelligence to manufacture fake audio content. In 2019, deepfake technology allowed scammers to extract nearly a quarter of a million from the CEO of a UK-based company. Similar scams will only rise in the approaching months. 

Can you stop phishing attempts?

The best way to stop phishing attempts is to ensure a secure network. Firstly, speak to your managed service provider or in-house IT team about how to properly safeguard your business from such attacks. If you don’t have a designated team to handle this, we’re happy to help. You can schedule a consultation today with a Starfish specialist to address all of your current security needs.

However, even with security systems in place, there is still a chance of some phishing attacks being successful. Secondly, you should always remain cautious of any suspicious emails and learn to recognize indications that an email is fraudulent. Be aware of language that is incongruent with the supposed sender.

Thirdly, start using multi-factor authentication for added protection. This protocol requires additional credentials outside of a username and password to access an account. These additional credentials form another security layer that is unlikely to be accessed by scammers.

Navigating the cyber world becomes more difficult each day with rising attempts from scammers. Stay updated with scams that are currently circulating. This will ensure you protect yourself and your business. 

Portland Bans Facial Recognition Software

Portland has become the fifth U.S city to block the use of facial recognition software.

Mayor Ted Wheeler and Commissioner Jo Ann Hardesty introduced a bill jointly that restricted use of the technology. It passed unanimously Wednesday, September 9, 2020.

The new law prevents police departments from using facial recognition software to identify suspects. It also keeps private businesses from using this software.

Delta Airlines had already began to use this software to allow entry onto flights. Moreover, a convenience store in Portland also used it to identify customers and grant store access.

Proponents of the software believe that there are many industries that would benefit from using it. However, facial recognition poses a threat for many reasons.

Why is facial recognition software problematic?

There could be consequences of collecting information without consent. This practice could result in the mishandling or selling of personal data.

Facial recognition software also contains flaws that make it unreliable for its proposed uses. An MIT study found that it showed a clear bias against women and those with darker complexions, often misidentifying them. According to a police department in Detroit, that misidentification occurred 96% of the time, resulting in wrongful arrests. 

“I don’t think anyone in their right mind would use a GPS that is wrong 96% of the time.  You would never get anywhere, especially on time!  So, why would a police department or business arrest someone or ban them from their store based on facial recognition that is inaccurate so often?” said RJ Arhar, CEO of Starfish Computer Corporation.  

It’s not acceptable to trust unreliable software to make such life-altering decisions.

“Imagine if you were that person that was wrongfully identified, arrested and prosecuted, explained RJ Arhar. “Either the technology is not good enough or the people running it don’t know how to use it.  In either, case this is where the technical solution is not solving a problem, it is creating one.  It may work in the movies but it is not ready for the real world.  That’s not to say that it will not work in the future but with that high of a false positive rate it should not be relied upon.”

How Portland compares to other cities in the U.S

As of now, Portland’s ban is the strictest facial recognition ban in the nation, perhaps in the world. There is one major distinction between Portland and other cities who have banned facial recognition software. Those cities did not include private businesses.

Portland takes a step further in its legislation with the introduction of two separate bills. Each bill addresses the private and public sector separately.

The city is leading the way by protecting the rights of its citizens. City leaders hope to serve as a model to other cities that will be faced with the same decision.

Until facial recognition software can perform with greater accuracy rates, it has no place in our society. For now, the risks outweigh the benefits. The best way to protect those most vulnerable to the flaws of this technology is not to use it at all.

5 Cybersecurity Tips for Working Remotely

The COVID-19 outbreak has not only changed the way we live, but it has completely altered the way most of us work. Due to the pandemic, countless companies around the globe have moved their staff from the office to the virtual world, making remote work the primary method of doing business. 

The technologically-advanced reality we live in enables companies and their employees to easily switch from office to remote work, and continue performing all regular duties without any interruptions or complications. In fact, a lot of people worked remotely, full-time or part-time, even before the global health crisis. 

While remote work helps protect people’s health, brings about positive shifts within a company, and increases productivity, it also comes with more than a few challenges. A lot of those challenges are linked to online security, since working at a home environment does not come with the same cybersecurity measures as working at an office. Thus, employees are more likely to make security mistakes at the comfort of their cyber-insecure homes than at the protected workplaces.

Considering the fact that online threats are everywhere, and have further increased with the rise of remote work, companies have to take additional cybersecurity measures and fully adapt their security policies in order to avoid breaches that could be devastating. 

Here are 5 things companies and workers can do to maintain a safe level of cybersecurity

  1. Use strong passwords and two-factor authentication

This policy of using extra strong passwords and two-factor authentication should be applicable to emails, domain names, applications, and everything else employees use on a daily basis to perform their tasks. Additionally, a company should enforce a policy of using different passwords for different things, since a lot of people have a tendency to use the same one across platforms. A business should also set automatic logouts after a period of inactivity, for further safety and security. 

  1. Audit and secure home working environments

It’s extremely important for employees to audit their homes and the devices they use for work, and secure potential threats. All devices, including laptops, phones, and etc. should be updated and scanned regularly, router passwords should be changed, and outdated software should be removed or replaced with newer software. Ideally, employees should perform all tasks on company-managed devices. 

  1. Always use VPN encryption

VPN or Virtual Private Networks are commonly used to bypass geographic restrictions on certain sites and view content that is only available at certain locations. However, they are also used for securing, encrypting and protecting employees’ online data, so that it can’t be exploited. 

  1. Beware of work-from-home scams

Online scams targeting remote workers are literally everywhere, since hackers and cybercriminals are increasingly looking to make money on IT security vulnerabilities that come with the new reality of working from home. Employees should take special precautions when opening emails, since many phishing messages look rather harmless. Companies should also advise employees to never click on links or download attachments from any emails that look even remotely out of the ordinary. 

  1. Avoid using public Wi-Fi networks and keep devices secure 

Companies should advise employees to avoid public Wi-Fi networks at all costs, since those networks can be accessed by many other people, and cybercriminals consistently use them to gain access to people’s data. If employees do have to work in a public space, or if they live with other people who aren’t allowed to see their work information, they have to keep their devices secure with passwords and encryptions.    

The Internet, Deep Web, and Dark Web, Explained

Everyone who uses the Internet has probably come across the terms “Deep Web” and “Dark Web” at a certain point. These terms are thrown around constantly, everywhere, in news, TV shows and movies, but especially in articles that cover IT security, hackers, data breaches and similar World Wide Web related topics.

Since these phrases can be quite confusing for the average Internet user, we’ve created this guide that covers all the basics. 

The Internet

This is pretty straightforward. The Internet is a global system of thousands of networks. We use the good ol’ Internet on a daily basis to access various websites, check our emails, communicate via Facebook, Instagram, other apps, and etc.

The Internet is not one centralized place and it is not owned by one single entity. Rather, it’s a decentralized network of networks that consists of lots of networks run by companies, governments, universities and other entities.   

The most popular way to publish information on the Internet is the internet application known as the World Wide Web. Most people believe it to be synonymous with the Internet itself, however, that’s not the case, as there are other internet applications as well.

The computer programs used to view websites are known as web browsers, the most popular being Google’s Chrome, Apple’s Safari, Mozilla’s Firefox, and others. 

Web searches are carried out through programs known as web search engines that “crawl” through the Internet, search for content, index that content, and rank it so that they can provide the best answer to a search query.

The Deep Web

This is where it gets more complicated. The Deep Web is the portion of the Internet that is not indexed by the big search engines. While the contents of the regular web can be accessed by everyone through a simple search, the contents of the Deep Web cannot, as they don’t appear in search results. 

In order to access something on the Deep Web, a user cannot simply type in a search query and get there. Instead, they need the direct URL or IP address. 

The Deep Web is not necessarily a bad and malicious part of the Internet. A lot of common things such as online banking, web mail, private social media profiles, videos hidden behind a subscription fee, and etc. are included there as well.  

In simple terms, search engines have limited crawling and indexing capabilities, which is why they cannot index the vast space that is the Deep Web. 

The Dark Web

This is where it gets even more complex. The Dark Web is the portion of the Deep Web that is not only not indexed by search engines, but it also requires special software and configurations that use encryption to anonymize web traffic, in order to access.

Since these tools, which include Tor (“The Onion Routing” project) and I2P (“Invisible Internet Project”), provide anonymity to both users who access the websites, and servers where those websites are hosted, the Dark Web is often used for criminal activities. However, due to its privacy, it is also used by law enforcement organizations, cryptologists, journalists and other legitimate businesses and individuals. 

Despite the anonymous nature of the Dark Web and the inability to access it without specific software, it can still affect average Internet users. With the rise of corporate and government hacks, comes the rise of stolen information about regular users and companies for sale on the Dark Web.  

Every user and every company is highly vulnerable to cyber attacks, which is why we offer a Free Dark Web Scan here at Starfish. With this scan, you’ll either receive an ALL-CLEAR or an ALERT of your current risks in just 24 hours.