malware attacks and wannacryIf nothing else, the events of the last week should illustrate the need for better managed computers and network infrastructure worldwide. When England’s National Health Service has employees resorting to paper files and France's Renault automobile factories sitting idle due to unpatched computers and servers and either out of date or inadequate firewalls there is a serious problem and frankly it's an epidemic.

How can this occur you ask? Let me give you a few examples:

Manufacturing and government healthcare systems often have homebrewed or one-off software that they use for information management. Access, Visual FoxPro and other consumer-grade databases are still in use all over the place and aren't encrypted. Some were created in the 90's and run only on 16 and 32 bit operating systems. There are plenty of Windows XP systems and dare I say even Windows 95 and 98 systems still in use today. Manufacturing companies have expensive machines that are controlled by or report to Windows computers. To update them may cost tens or even hundreds of thousands of dollars per machine.

Healthcare systems have their own challenges as well. Their record keeping predates modern electronic medical or health records programs (EMR/EHR). They created their own long before standards were in place for privacy and many were built on and for older operating systems. To rebuild them would be tremendously expensive and sometimes it can be impossible to transfer that data to any new program.

 

This risk extends into the private healthcare sector as well with medical professionals being required to maintain patient data sometimes long after the systems they're stored on and accessedHIPAA malware cybersecurity through being supported.  The challenge is that HIPAA standards require systems to be supported and sometimes encrypted and often those legacy systems aren't or can't.

This should not preclude someone from protecting these systems however while preserving their functionality. Typically I believe the management approach has been to hide one's head, hope and pray that nothing bad happens. The issue is that the will to change is not in place. It's expensive to migrate to any new system. It requires that time and money be invested. Think about what a pain it is to change cellphones, computers, heck even TVs. Scale that up to tens, hundreds or even thousands of employees and you get the idea of the pain involved.

We invested time and money last year is switching to new tools and updated tools last year. In the last 18 months we've:

  • Moved our whole company into a professional services automation (PSA) software platform, updated it and moved it to a new server.
  • Updated our remote monitoring and management (RMM) program to the latest and quite different version plus moved it to a new server.
  • Replaced our file server, our firewall and our unified communications messaging system.
  • Completely retooled our financials and accounting package and drastically improved reporting.

Was all that painful? You bet it was! Was it necessary? Frankly no, we could have continued along without those changes but that would have cost us significantly more time and money long term. These were proactive changes to be sure but still good and still painful. Short term pain is much better (however acute) than long term suffering.

If the above organizations or even you lack the finances, legal ability or yes, even will to make proactive changes then you'll have to use a different strategy.

That strategy is either partnering with a company that understands the benefits of proactive and intentional support and has the technical know how to protect these legacy systems that are or have to stay in place and in service until such time that they can be replaced or retired. If you have internal resources then make sure they have the same approach and the appropriate skill-sets.

I've been asked over the years what I do or what I-M Technology does. The fact is that we produce a product.  That product is a drama-free IT user experience in the workplace. We firmly believe that integrated managed technology powers productivity and we work every day to ensure that. So should everyone else in IT support. When the tools become obstacles they've lost their purpose for being.

At your service,

Stuart Bryan

Want to learn how we do it? Contact us to schedule a risk-free consultation.