Articles by Davis Merrey

A customer recently asked me, “Why do I need this service to backup Microsoft 365? Doesn’t Microsoft already do that?” Actually, no. Microsoft’s Shared Responsibility Model clearly states that Microsoft is responsible for application uptime and the underlying infrastructure, while it is the customer’s responsibility to manage and protect their vital business data.

Recent world events and the latest news headlines have brought more concern than ever over the possibility of international cyberattacks. Cybersecurity experts report that there are more than 26,000 cyberattacks daily, about 20 every minute! Unconventional means are being used by hackers to attempt to steal our data, disrupt our processes and even ruin our businesses and take away our quality of life. The conventional defenses of patching, anti-malware, and data security are not winning the battle.

Microsoft has announced changes to their Office 365 and Microsoft 365 programs beginning March 1, 2022. Microsoft is calling this change the NCE or New Commerce Experience. The largest components of NCE that will affect end-users are a price change and the option for a discount with a 12-month commitment. This will be Microsoft’s first price increase since they launched the program in 2011.  

Looks very official, doesn’t it? It appears as if it came from Microsoft and looks like other emails I receive through Outlook. A couple of years ago I probably would have been concerned that I had lost an important email and might have clicked on the “restore access” link. But now, because I have participated in my company’s Cybersecurity Awareness Training initiative (yes, we “practice what we preach”!), I have learned to examine the information about the sender of emails I receive for suspicious data, especially when the email asks me to click on a link.

Our new customer was competing for a contract for nearly $1 million but needed to apply for cybersecurity insurance and attain approval within ten business days.

With the release of Windows 11, Microsoft has touted several features that might entice you to upgrade your PC.  You may be asking yourself, “Should I upgrade or stick with Windows 10?” There are several factors you will want to consider.

Security awareness training is a great front-line defense against social engineering. The idea is to continuously stay aware of the latest techniques being used by hackers, how to identify them, and what to do when they are recognized for what they are. Employees are routinely tested on their awareness and defensive actions. Ask your MSP or IT manager about this, and if your budget allows, sign up for it. Your investment will likely be on the order of a few dollars and a few minutes of your employee’s time per month; it’s well worth it for most businesses.

According to a report from Verizon, 58% of malware attack victims are categorized as small businesses. According to a report by Ponemon, cyber attacks cost small and medium-sized businesses an average of more than $2 million. Some small businesses don’t survive the negative impact of a security issue, either due to cost alone or damage to their reputation.

Last month’s column about cybersecurity explored the idea of viewing your IT infrastructure in layers. The idea is to establish cybersecurity protections for each layer of your systems: the human layer, perimeter, network, endpoint, application, data, and the mission-critical layer.

We are frequently asked about best practices on how an organization should prioritize its cybersecurity defenses.