Posts

An Effective Approach to Communication Resilience

We want to underscore a vital truth: Even with significant investments in continuity planning and infrastructure, no communication solution is immune to unexpected failures.

Whether it’s an internet outage, a severed cable, or a data center affected by severe weather, these disruptions can occur despite our best efforts.

Fortunately, we can report that no TCI customers faced outages during the CrowdStrike incident in late July. This is a testament to the unwavering commitment to communication resilience we share with Mitel, our strategic technology partner.

Communication resilience is especially vital in mission-critical sectors where failures can have devastating consequences:

  • Hospitality and Entertainment – Consider airports that experience service disruptions and challenges communicating with customers during downtime. Handling communication surge events in the aftermath adds to their burden.
  • Healthcare and Emergency Services – Some providers will revert to pen and paper when access to electronic health records and other critical systems is lost. This shift highlights the vital need for uninterrupted communication channels in high-stakes environments.
  • Public Sector Operations – During the CrowdStrike outage, states like Alaska and New Hampshire experienced significant disruptions in emergency services. 911 systems went offline, affecting the public’s ability to get timely help.

The economic impact of outages can be staggering. Insurer Parametrix predicts that the CrowdStrike event alone could cost Fortune 500 companies over $5 billion in direct losses.

The TCI and Mitel Approach to Communication Resilience

These are known challenges for any digitally driven organization. Our shared approach prevents or mitigates failures, outages, and breaches through a comprehensive and multi-faceted strategy:

1. Embracing Hybrid Infrastructure – We believe hybrid infrastructure is essential for ensuring resilience:

  • Cost-Effective Support: Hybrid models accommodate diverse work styles and offer hands-on control over the environment.
  • Built-in Redundancies: Our solutions, with failover capabilities and geo-separated deployments, are designed to minimize the risk of communication downtime.

2. Security as a Core Principle – Security is not an afterthought in our solutions; it’s integrated from the ground up:

  • Vulnerability Intelligence and Secure Application Development: We embed best practices into our processes to ensure robust security.
  • Advanced Encryption: Our products adhere to the latest signaling and media encryption security standards, providing end-to-end protection.
  • Proven Expertise: With years of experience securing communications in multi-vendor environments, our solutions are well-tested and reliable.
  • Software Assurance (SWA): This feature ensures your Mitel solutions remain up-to-date and protected.

3. Compliance and Partnerships – We take pride in our compliance with a wide range of standards:

  • Certifications: Our services and solutions support rigorous standards, including DoD JITC, HIPAA, Dodd-Frank Act, MiFID II, DORA, MaRisk, FedRAMP, and ISO27001.
  • Security Partnerships: We collaborate with leading security firms, such as McAfee, Trend Micro, Check Point, Fortinet, Imprivata, TippingPoint, and IronPort, to provide comprehensive coverage.
  • Multi-Vendor Expertise: Our experience with multi-vendor environments helps map end-to-end security for your communication infrastructure.

Looking Ahead

TCI and Mitel’s engagement with security standards organizations like the Cloud Security Alliance and CIS Benchmark and adherence to IETF RFC recommendations (including TLS 1.3) underscores our commitment to continuous improvement in security and resilience.

While no system can be entirely impervious to failure, our proactive measures in hybrid infrastructure, embedded security, and rigorous compliance frameworks ensure that we are prepared to meet and overcome the challenges of modern communication disruptions.

For those navigating the complex landscape of communication resilience, rest assured that TCI stands ready to support you with solutions designed to keep your operations secure and your communications uninterrupted.

Learn more about how to mitigate digital threats and keep your organization communicating. Contact the TCI experts at (703) 321-3030 or info@tcicomm.com.

 

6 Best Practices for a Stronger Cybersecurity Posture

How to Fortify Your Digital Fortress

Effective cybersecurity is not a “set it and forget it” panacea but an active, ongoing process. To establish a robust security foundation, your IT team must diligently implement and maintain these critical best practices:

1. Restrict Administrator Privileges

Limit administrator access on user devices. This simple step can thwart many attacks that rely on users inadvertently running malicious software. Without admin rights, users can’t install unauthorized programs, significantly reducing your attack surface.

2. Stay Current with Patches

Keeping software up to date is one of the most cost-effective security measures. Enable auto-updates where possible and prioritize vulnerabilities listed in CISA’s Known Exploited Vulnerabilities Catalog. Remember, many successful attacks exploit known vulnerabilities that have not yet been patched.

3. Implement and Verify Backup Systems

Don’t fall victim to ransomware due to inadequate backups. Regularly schedule backups for all critical systems and, crucially, test both partial and full restorations. Develop a comprehensive backup strategy, including frequency (continuous, hourly, weekly) and a detailed restoration plan.

4. Encrypt Laptop Drives

While smartphones and Chromebooks typically come with built-in encryption, Windows and Mac laptops often require manual configuration. Given the frequency of laptop theft or loss, ensuring your entire fleet has encrypted drives is essential for data protection.

5. Enforce Multi-Factor Authentication (MFA)

Don’t rely on user compliance alone. Implement technical controls to mandate MFA across your organization. Regularly audit for non-compliant accounts, paying special attention to new hires and staff who’ve recently changed devices.

6. Prioritize MFA for Admin Accounts

System administrators are prime targets for cybercriminals. Surprisingly, Microsoft reports that only about half of Azure Active Directory global admins use MFA. Make it a non-negotiable policy for all admin accounts to use MFA, as compromised admin credentials can lead to catastrophic breaches.

By consistently applying these practices, you’ll significantly enhance your organization’s cybersecurity posture, making it far more resilient against common attack vectors.

Your organization’s Voice Communications need to be protected too. Make sure your systems are secure. Contact TCI at (703) 321-3030 or GetHelp@tcicomm.com.
 

6 Cybersecurity Best Practices You Need to Implement in 2023

As the hybrid workforce has increased, so has the number of cybersecurity breaches. Fortunately, many of the security vulnerabilities that come with remote work can be minimized with clear-cut policies, training, and IT support for your remote workers. Here is a helpful checklist of best practices you can implement to better safeguard your organization.

1. No Public Wi-Fi

40% of the remote workforce spends time in public or shared spaces where privacy isn’t guaranteed. If your employees still want to work from Starbucks, instruct them to set up a personal hotspot on their mobile device to bypass the public Wi-Fi or have them use a virtual private network (VPN).

2. Be Aware of Your Surroundings and Communicate Responsibly

According to a Code 42 study, a laptop is stolen every 53 seconds in airports alone. Instruct your remote workers not to be careless with their work laptops. They should remain alert if they work in a public space. They should ensure no one can sit behind them and watch/record everything they do. Employees should take their devices to the restroom and avoid leaving them in their cars. On video calls, use headphones and employ safe screen-sharing practices.

3. Encrypt Stored Data and Update Devices & Apps

Make sure your remote workers are using devices set to encrypt stored data. Encryption encodes data to make it unreadable to anyone without the matching encryption key, password, or PIN. Keep devices, firewalls, and apps up to date. Developers are constantly working to close security gaps, so it’s essential to set the software to update automatically when patches are released.

4. Enable Email Encryption

Emails are another point of vulnerability for remote workers. Just as you want to ensure that all stored data is encrypted, it’s also a good idea to encrypt the data attached to any email. This will prevent an unintended recipient from viewing the information.

5. Disable all External Drives and Store Work in the Cloud

Consider disabling all external drives on work devices. USB thumb drives are popular vehicles for bad actors to use for malware attacks. Bad guys can install malware onto thumb drives and then distribute them where an unsuspecting worker would pick one up, and thinking it was theirs, plug it into their device. Use secure, cloud-based storage instead.

6. Update Password Policies and Enable Security Features

Instruct employees to choose strong, unique passwords and to have different passwords for different apps. Users can store passwords in an encrypted password manager or use a password generator to make them up. Two-factor authentication (2FA) adds another layer of security using a second or third identification element, like a key card, fingerprint, or text code, to verify identities. Turn on location-finding and remote wiping to manage devices if they get lost.

Final Thoughts

When you keep your communications platform up to date with the latest software and features, it will be protected with fixes that address security flaws and close security holes that could be exploited.

UC or voice platforms/services also require proactive updates to help ensure your business can head off cyberattacks on your communications systems.

TCI can help ensure your systems are continuously updated and secure. Contact us today: (703) 321-3030 or GetHelp@tcicomm.com.

 

5 Ways to Safeguard your Business from Cyber Threats

One thing that has been fueled by the pandemic is the increasing frequency and greater scope of IT cyber attacks. And still, many businesses remain ill-prepared. Over one-third of small business owners recently surveyed admit they were at risk of falling victim, and a third said they were not confident that their business would recover if attacked. Only half believed they were well prepared.

Although there are new cyber threats every day, here are five measures that can help protect your business from the threat of imminent attacks:

  1. Schedule Annual Risk Assessments – Before taking any steps to prevent cyber-attacks, you need to understand the threats that are out there and your organization’s vulnerabilities. Risk assessments need to be thorough and conducted at least once a year.
  2. Monitor Your IT and Phone Systems – Keep a close eye on all critical IT systems to mitigate imminent threats. Consider hiring a trusted partner to monitor your network traffic, phone systems, server environment, and data processes around the clock.
  3. Back Up and Encrypt Your Data – Team up with trusted Voice and IT experts to set up a reliable cloud-based backup infrastructure system. Encrypted and safely backed-up data can protect against a range of eavesdropping and ransomware attacks.
  4. Manage Admin Privileges – Ensure that employees have access only to the IT resources and data they need to complete their tasks. Limit IT privileges across the board, especially for installing new software and accessing or manipulating sensitive data. Restrict admin privileges to only a few individuals and immediately revoke privileges when people leave the organization.
  5. Train Your Team – Regardless of the cybersecurity measures you have in place, it’s crucial to ensure that your workforce is on board with security protocols. Schedule routine staff training sessions to establish cybersecurity awareness, responsibilities, and accountability across your business.

Defense is the Best Offense

It makes more sense to invest in preventive solutions now rather than scrambling to act after an attack. Keep in mind that a majority of businesses never recover from successful cyber attacks.

With all the dangers lurking out there, you can’t afford to take chances with your security posture. Contact TCI to discuss your Voice and IT security challenges: (703) 321-3030 or info@tcicomm.com.