CategoriesPosts by

Email Encryption

Both Microsoft and Google support encryption for their business accounts.  If you’ve moved your business to Microsoft 365 or Google Workspace, you likely did so for the peace of mind that comes with “enterprise-grade security.” You’ve seen the marketing: your data is protected. But here is the catch that many business owners miss: 

The high-level encryption you need to protect sensitive client data is almost never turned on by default.

In the world of cloud security, there is a big difference between “the connection is secure” and “the file is locked.” While Google and Microsoft keep their servers safe, they leave the most important security “switches” in your hands. If you haven’t flipped them, your sensitive emails and files are essentially sitting in a folder that’s closed, but not actually locked.

Why “Standard” Security Isn’t Enough

Think of standard encryption like a delivery truck. It’s great at making sure no one steals your package while it’s driving down the road. But once that package sits on a porch, anyone can open it.

Advanced encryption—the kind that isn’t enabled automatically—is like putting a combination lock directly on the box. Only the person with the code can see what’s inside, no matter where the box ends up.

Why “Doing It Yourself” is Risky

Enabling these features isn’t as simple as checking a box. If configured incorrectly, you can accidentally lock yourself out of your own files or make it so difficult for your team to work that they start using personal, unsecure email accounts just to get things done.

How Creekside Systems Helps You Secure Your Data

At Creekside Systems, we specialize in bridging the gap between “out of the box” settings and true data safety. We don’t just turn on encryption; we make it work for your specific business by educating you and your users on how to best use the features including:

  • Custom “Auto-Locking”: We can set up your system to recognize sensitive data (like social security numbers) and encrypt it automatically so your team doesn’t have to remember to do it.
  • Seamless Access: We make sure your customers can actually open the secure files you send them without needing a degree in computer science.
  • Total Peace of Mind: We audit your current setup to ensure you aren’t paying for high-end security features that are currently sitting idle.

Don’t leave your most valuable asset—your customer’s trust—to default settings. Contact Creekside Systems today for a security audit, and let’s make sure your “private” data stays exactly that: private.

Is your team currently handling sensitive data over email, or are you looking to shore up your compliance for the coming year?

CategoriesPosts by

The Goal to Be Serverless

When we speak with potential and existing customers, we are often asked to install a server to provide one or more functions; a centralized file repository or host a centralized application.  Many business owners don’t feel comfortable with the concept of storing files or using an application that’s hosted in the cloud.  The most common objection we hear is “well if it’s hosted in the cloud then anybody can access it.”  This is a common misunderstanding by those who don’t understand the risks of on-premise hosting compared with cloud hosting.  We stumble upon the lack of security controls common with on premise applications which puts sensitive data at risk.  In this post, I will also discuss 3 major responsibilities when running on premise compute versus cloud provided.

1. Patch Management

Patch Management is a monthly recurring responsibility where an IT security expert or IT infrastructure expert will regularly review vendor vulnerability disclosure announcements, understand the workarounds or software patches that mitigate these vulnerabilities and take the necessary measures to implement these best practices.  Implementation can mean, the scheduling of downtime (during non-business hours) to install or configure the countermeasure and verify the vulnerability no longer exists.  Since many of these vulnerabilities may be discovered on many different systems at the same time, these issues must be prioritized in terms of business risk and planned to be addressed in such order.  Compliance and regulatory requirements will dictate that these procedures must be reviewed and made actionable on a monthly basis and a risk officer must attest to this.  

2. Proper and routine backups

System backups are the absolute last thing that gets implemented in any systems deployment. When have you recently tested a recovery to operations in a simulated failure to practice an outage caused by hardware failure or a security incident such as ransomware?

Implementation in an on-premise deployment must be handled by the local IT personnel and practiced on a regular basis where in a cloud offering, is provided as part of the monthly service.  Since the vendor provides this as a service you are not required in most audit scenarios to provide proof of compliance other than retrieving the vendors proof of compliance.  

3. Complex management

Commonly we see more than one application provide the same service to the same company. Examples such as ACT and SalesForce, Slack and Teams, Google Workspace and Microsoft 365. These are all cloud hosted solutions but we also see multiple redundant on premise applications which provide many different management consoles for administrators to learn and run.  We can help you streamline your applications so that you save redundant IT costs.  

 

We can help you move to a cloud first environment which your business will benefit from having employees who are remotely located, reduced IT management costs and also reduced downtime from misconfigurations and security incidents. 

 

CategoriesPosts by

Employee Provided Computers

In this modern world of work from anywhere, the need for a corporate standardized laptop or desktop has waned in a big way. Given the impact of hardware availability, location of your workforce, and the adoption of cloud based computing, the power hungry laptop has become a thing of the past and been replaced by the “dumb terminal” with a simple web browser. In recent discussions with our customers about what their normal users do with their computer needs on a day to day basis, here are the main use cases:

Read More
CategoriesPosts by

You Have a Website, But Where is the Traffic?

 

Top 3 Steps To Search Engine Optimization

Analytics.  We use Google Analytics and other tools to analyze existing traffic, identify top keywords, research the best searches for your site, and build out a plan for attracting traffic.Speed & Usability.  Search engines taken into account speed, accessibility, and mobile design when placing your site in their rankings.  We make sure everything aligns with current best design techniques so nothing gets between you and being found.  Connections, Connections, Connections.  The key to being found on the internet is building links between other sites and sources of traffic.  Whether it’s adding your site to Google Maps, sharing links between related websites, or strengthening your presence on Social Media, Creekside finds ways to build traffic to your website.