SSAE18 SOC 2 Certified IT service provider Louisville Kentucky

Assuring Trust with Our SSAE18 SOC 2 Type 1 Certifications

Trust is integral to any business partnership, and when you are outsourcing your IT services it is even more crucial that you have confidence in your service provider’s security and reliability.

Empathy is engrained in our company through the ABS Way, and we understand that your data is one of your most important and sensitive assets.

That is why we have pursued becoming a SOC 2 Type 1 business, which means that a service auditor has examined our internal controls based on the trust services criteria relevant to security, availability, and confidentiality, and has attested that you can trust us with your sensitive data. Ultimately, it provides greater transparency which strengthens our customers’ confidence in our services. Read more

Survey Says

 

It is projected that global IT spending will reach $3.7 trillion with Enterprise software and IT services as the main leader in the growth for 2018. This is the largest predicted amount since 2007. John-David Lovelock at Gartner stated in a late release, “spending on IT around the world is growing at expected levels and is in line with expected global economic growth.” To give you a better understanding of how organizations around the world are viewing their IT budgets, a recent survey was taken amongst technology professional organizations in an attempt to determine the funding and spending priorities of all departments within the organization. The following questions were asked:

  • How much will your business spend on IT in the upcoming year?
  • How does the upcoming year’s IT budget compare with last year’s?
  • Compared to other business units, how much does your company’s leadership value the IT budget?
  • What percentage of the overall budget is allocated for IT?
  • What percentage of corporate technology spending comes from outside the IT budget? What are your top business technology spending priorities for the upcoming year?
  • How can vendors better assist with the budgeting process?
  • Who makes initial recommendations for items on the department budget?

Worldwide IT Spending Forecast (Billions of U.S. Dollars)

2017 Spending

2017 Growth (%)

2018 Spending

2018 Growth (%)

Data Center Systems

173

1.7

176

1.8

Enterprise Software

354

8.5

387

9.4

Devices

664

5.3

697

5.0

IT Services

931

4.0

980

5.3

Communications Services

1,387

0.9

1,417

2.2

Overall IT

3,508

3.3

3,658

4.3

Source: Gartner (October 2017)

Those who responded to the survey voiced that their highest priority purchases consisted of hardware and software purchases as well as cloud services. Nearly half of the respondents felt that their executive teams valued IT funding just as much as any other funding budget. While 36 percent of respondents felt that the IT budget of their organization was valued below all other budget funding. Overall, 53 percent of respondents voiced that they will seek stronger security measures. Unsurprisingly so, as security should be the top and main priority of any organization with all the risks in the IT arena today. If you have questions on IT budgeting, or you would like to make sure your company’s IT budget is being spent in a productive way, please contact us today!

 

DATTO SIRIS 3

SIRIS 3 is the newest data protection platform DATTO has to offer and it is also the data protection ABS chooses to use for our clients.With this newly structured version DATTO has created, we are able to offer protection to any physical, virtual, and cloud infrastructure on Windows, Mac or Linux. Clients and users not only have the luxury of backing up data on their own devices on their own schedules, but they have the luxury of creating exact copies to store in the DATTO Cloud. With zero hardware investment, SIRIS 3 provides faster backups and restore/recovery times.

 

As technology continues to advance and staying up-to-date is essential, original forms of backups such as tape, disk or online are no longer efficient.  SIRIS 3 is the most accurate and cost-effective form of data protection available today. Below is a comparison of the original ways in which we used to protect our data verses the new and improved way of protecting our data.

 

Original Forms of Backup

Intelligent Businesses Continuity 

Weekly disaster recovery time, if data is recoverable Hours, minutes or seconds to recover data that is recoverable
Fully managed by an administrator leading to error Automated backup processes, involving minimal human management
Time consuming and expensive to store physical copies of backups Each backup is automatically saved in multiple locations
Slower backup speeds Files are quickly transfer even with buy networks and low bandwidth
Prioritizing important data, files and applications is difficult Data is prioritized to be transferred offsite first
Physical and virtual conversions are time consuming Instant visualization in seconds
One location is risky for data and backups Backups are stored on a local device and in the cloud to avoid downtime
Encrypting data limitations and is risky for industry regulations such as HIPAA, SOX, etc To meet industry regulations, AES 26 and SSL key-based encryptions are used to ensure data is safe
Higher tape failure risks up to 50% Lower risks of corrupted backups and data loss
Potential for theft of loss of media Offsite backups are stored in SSAE16 Type II data centers
The average cost of downtime is approximately $163,674 per hour Ability to keep your business running in times of disaster

 

Traditional forms of protection can no longer provide the most up-to-date and accurate protection an organization needs. DATTO’s Intelligent Business Continuity provides a quicker turnaround time from weeks to hours, minutes or even seconds! The new and improved data protection solutions that ABS offers, such as SIRIS 3 provided by DATTO, are the best ways to secure your personal data as well as your business’ critical data. If you would like to know the cost of downtime for your business, or you are interested in a business continuity solution that will virtually eliminate the risk of data loss, lengthy downtime, and expensive backup equipment to manage, please reach out to us today!

ABS Enterprise

At Advanced Business Solutions we offer many services in which bring years of experience, excellence and comfort to many clients ranging from Project Management to Strategic Planning Services. Below you will see an outline and summary of each item we offer and why we are the best at what we do. If there are any questions regarding any one of these items or if more information is desired, please reach out to us today!

 

EHR/EMR Solutions:

Whether your organization requires a solution for Electronic Health Record (EHR), Electronic Medical Record (EMR) or Ambulatory Electronic Medical Record, our skilled Enterprise Team can help lead the charge. Our dedicated team of experts carry years of experience helping healthcare systems of various sizes with EMR roll out, offering support that is catered to the organization’s needs. While other companies may send out an IT person to deploy or roll out solutions related to EHR/EMR, our team of professionals and experts bring with them not only a knowledge for IT, but also an extensive background in healthcare. This pairing of professional backgrounds gives us an edge over our competition, as we blend knowledge of IT and healthcare to carefully select and roll out the best solution to match your needs. We take pride in implementing your EHR/EMR systems with sound infrastructure from switches, routers, and the necessary equipment to run your system. We make sure you have the bandwidth and infrastructure to run smoothly and efficiently each and every day.

 

Project Management:

For all your project management needs, ABS PMTs and certified PMTs are at your service. Our large group of certified PMTs is what we like to call the ABS difference. While other companies may offer project management services, the ABS project management team empowers its peers to seek advanced certification beyond what’s required or standard in the field of project management. The end result is a team dedicated to finding new and efficient ways to roll out small, medium, and large projects for its customers. Not only can ABS handle project of various sizes, but we’re also equipped to tackle a multitude of industries. From your healthcare, banking, government needs- just to name a few-ABS can help. ABS has a whole toolbox of skills and resources to implement or roll out any project you can dream up. With flexibility and decades of experience in a variety of industries of all sizes, ABS has a solution for you.

 

Remote Monitoring & Management:

Our sophisticated, state of the art Remote Monitoring and Management (RMM) tool allows us to monitor the vitals of each individual system in real time. While other companies may wait for a call before troubleshooting issues of critical or minor scale, ABS begins working to solve such problems right away. With the help of an RMM tool, ABS will often diagnose and create solutions for problems even before the customer knows there is a problem to begin with. While our business model calls for swift action to solve customer problems quickly and efficiently, we’ll never leave you in the dark. An ABS team member will happily notify the customer of any changes being made, what is happening, and why the change is necessary.

Our RMM tool allows our customers to focus on their primary line of business and not have to worry about IT issues and unplanned downtime. In other words, we do our job so that you can focus on yours. With a customer-centric model to meet your needs, ABS is dedicated to tackling problems and finding proper solutions for our customers without delay. We understand that our infrastructure is crucial to your business needs, and you need it to run as smoothly and efficiently as possible. Our tools and processes allow us to deliver efficient and quality IT service.

 

Structured Cabling:

 At ABS, we view structured cabling as the backbone of IT infracture connecting employees to data, devices, and the internet. While structured cabling is a standard practice within the world of IT, it remains a necessity and important component for customers. Our expertise puts ABS in a class of it’s own. For over twenty years ABS has been a leader in network and data cabling installation. We believe that our level of experience is what sets us apart from our competitors, and directly impacts you as a customer. By following proven project management processes and methodologies, great quality is and always has been, the ABS guarantee.

 

Onsite Staff Augmentation:

With onsite staff augmentation, ABS can help organizations big or small with any staffing needs they may have. We’re not just your ordinary staffing agency. We go above and beyond, helping organizations to develop short-term and long-term staffing goals. No two businesses are identical. We understand this. ABS takes a case by case approach to work within your unique needs to reach the goals set for you and your team or organization. With ABS, you’re putting your trust in experienced IT professionals who come from a great deal of experiences and backgrounds. By tapping into these past experiences, our experts can better serve you by making recommendations for how to best reach your goals with a strategic team and partner approach.

 

Messaging and Communication:

ABS offers messaging and communication services for a large number of customers. Using the latest and greatest technology, ABS puts the customers in the driver seat to conduct everyday business more efficiently. One example of messaging and communication services we offer would be cloud-based technology such as Office 365. Offered and implemented for customers looking to access business information and programs on-the-go, this tool consists of several products and services including Microsoft Word, Excel, Powerpoint, E-mail, Skype, and more. Skype for Business is an enterprise software used as an instant-messaging client. ABS has significant experience migrating clients to cloud-based services such as Office 365, and can do the same for your organization if your needs and goals align. As part of our case by case methodology, ABS is dedicated to work as a partner with your organization, to understand your specific needs and recommend the best solution(s) to meet your goals.

 

Help Desk:

While some may think of Help Desk as a receptionist level of support—take a call, triage a ticket, escalate it to whoever can work on it—ABS does help desk a bit differently. Our help desk is comprised of a team of local technicians at the ready to aid with your support needs quickly and efficiently. Well over half of the calls or emails ABS receives are handled and ultimately resolved by our help desk. Our resolution process takes a tiered approach from help desk, support team 1, support team 2, and so on. This model allows our help desk technicians to assess and analyze the issues at hand, quickly, to either handle your situation on the spot or escalate it to a higher tier for more specialized support. We understand that your business suffers when your software or hardware isn’t functioning properly. Therefore, you’ll never hear us say, “we’ll call you back in an hour” or “we’ll send someone out next week”. Our top priority is to find the proper resolution as quickly and efficiently as possible, so we’ll be there to work through your problems either with a live help desk person answering phones or a technician out in the field, if necessary. We take a personalized relationship-driven approach, and we think you’ll find that in our business model, the ABS Way. This set of principles, which guides everything we do and stand for as ABS employees states the following:

The ABS Way

-We help people.

-We don’t choose our clients; they choose us.

-Set expectations every time.

-Do what you say you are going to do.

-Be part of the solution, not part of the problem.

-Empathize
-Anticipate

-Be proactive

-If the client isn’t happy, it is your responsibility.

-Make the client feel good.

-Finish the job.

-The client is your boss.

-Solve the problem, just get it done. Nothing is beneath you.

-“Trust and Integrity” is the foundation of our relationship.

 

In everything we do at ABS, we treat you like a person, not a number. So when it comes to Help Desk, there’s no exception. While our competitors tend to focus on “red tape” and strict escalation paths for finding solutions through help desk services they offer, ABS trusts its skilled team of technicians to find the right solution for the customer without a strict, or price-based help desk model. Therefore, no matter if you need a password change that can be handled by a help desk technician in 5 minutes or require a couple hours of on-site work from an experienced tier 3 technician, you won’t pay any extra fees for an ABS top-tiered help desk technician. We believe that mistakes are often made when the wrong information changes hands, so by spending the time and deploying the right people for your unique situation or technical problem, resolution times are not only quicker, but also the best option for your organization moving forward. Quick and efficient resolutions are our mantra, which means we’re not just thinking about how your problem can be resolved for today, but for the long haul. Have a question? Ask us. We’re happy to make recommendations and talk through solutions with our customers. That’s what we’re here for, and your satisfaction is important to us.

 

Workstation & Server Support:

 ABS is equipped to provide support for your organization’s workstation and server needs. As an extension of our help desk, workstation & server support each follow the basic premise of finding solutions to your problems. Whether those problems be big or small, we’re here to assist you and reach the proper solution for not just the problem at hand, but the bigger picture of your organization’s IT infrastructure. The ABS team of certified professionals are committed to staying on the cutting edge and exploring new and ever-changing technology. This means that you’re not limited to a solution that will work “for now” but for many years to come. At ABS, we’re passionate about our work, and understand that the right knowledge about solutions and processes directly benefits the work that YOU do, too.

 

We’ve been there. We’ve seen what works, and what hasn’t, and this helps us to better serve you and your needs. With workstation & server support, the process has changed quite a bit over the years. The old days of buying a big physical box server have largely become replaced with virtual servers. As the technology improves, the entire process improves and becomes more efficient. Being a customer-focused company first and foremost means our entire toolbox and wealth of resources are at our customer’s disposal.

 

Following the ABS Way in everything we do for our customers, we take a great amount of pride in providing a human element to IT solutions and services. In doing so, we often go above and beyond the standard of support. For example, if while on-site in your workstation we notice a broken printer down the hall, we aren’t going to stop at just fixing the workstation. While your initial call may be about one specific problem requiring a solution for your server or workstation, we may end up solving 5-6 more problems that come up as we work to solve the first. As full-service IT experts, we take a look at the entire infrastructure to promote quality and efficient processes daily, and we won’t settle for less than the best for our customers. As students of our craft always looking to improve, we don’t just fix what’s broken, but rather seek to answer the question of why it broke in the first place. If there’s a more permanent solution, we find it.

 

 

Backup & Disaster Recovery:

Backup & Disaster Recovery is crucial to any business, as it backs up your company’s data and moves it off-site should a disaster strike or data be lost from the initial source for any number of reasons. Here’s how it works: The ABS team of backup & disaster recovery experts will take a snapshot of your data, store it on a hard drive that starts out at your facility and eventually is shipped off-site over the internet or to an off-site data center of your choosing for safe keeping. This during a flood, tornado, or any other unforeseen event. You need to be able to keep your business running, and backing up data off-site is the way to do it. ABS has a portfolio of solutions for backup & disaster recovery. When it comes to disaster recovery services, we can cater it to your exact specifications, making our own recommendations based on what we know about you and your business. While you may approach us knowing you want backups of all your data every 15 minutes housed in this city, state, or country—and we’re happy to do that for you—it is our top priority to provide recommendations that give our customers the best backup and recovery package for the right price.

In other words, while you can certainly pay a substantial amount of money to have complete protection of your data, our team of backup and discovery experts can take the necessary time it takes to design a good solution that is realistic, costs less, and doesn’t sacrifice quality of service. We at ABS pride ourselves on that. We are not beholden to any particular solution, but we do know what works and what doesn’t work. Once we implement your solution, we stand behind it. We’ll service it, we’ll make sure that it runs every day. If it fails, we’ll fix it. But backups are critical, and we are certainly happy to help build your ideal solution should you ever need it.

As technology improves, it is becoming more and more difficult to protect your data and sensitive information. Unfortunately, a good backup is sometimes the only real solution when faced with highly intelligent issues such as ransomware, a virus that infects and encrypts files, causing organizations and users to pay a fee for the encryption key to unlock the information you own. In this situation, a backup would allow you to instantly restore your files, making the right solution all the more vital. ABS’ robust offering provides customers with on-site and off-site disaster recovery, backup retention, and highly customizeable solutions. So whether you choose to store your data in a data center housed in Louisville, KY or anywhere else around the world, ABS can build a solution that’s uniquely yours.

 

Virtualization:

The days of purchasing separate servers for your file server, mail server, web server, application server, and domain controller are over. Between high replacement cost of faulty servers and limited functionality (servers that could only output a single function), virtualization has become a reliable and ever-evolving replacement. While there are several analogies to describe what virtualization is all about, essentially what is happening with virtualiztion is this: a single server run with virtualization software allows users to allocate virtual resources in a much more efficient way. In other words, virtualization allows several smaller pieces or servers to be housed within one main server capable of supporting a great deal of information and data concurrently. Virtualization is an added benefit to the software and hardware that is already built into your server or computer because of its high level of sophistication and ability to multi-task.

 

Perhaps you’re comfortable with your current setup, and aren’t yet convinced that virtualization is for you. You may be asking yourself, “Why should I consider virtualization?” At ABS, we believe there are three main reasons customers often choose to implement virtualization:

 

  1. Cost effectiveness
  2. increased up-time
  3. Scalability

 

Rather than paying thousands of dollars to repair and replace separate servers, you can pay a fraction of the cost to implement virtualization software. With virtualization, your server functions on a sliding scale, making storage increase and scalability a breeze. All the while, you’re avoiding additional hardware costs, increasing the resources available on your server, and saving valuable company time. With virtualization, you can spend less time replacing and repairing hardware, and more time focusing on your work.

Want to learn more? Ask an ABS team member how virtualization can improve your organization’s workspace or server infrastructure. We have experience virtualizing at all different levels, from 2 servers to 2,000 servers. You can virtualize work stations. You can virtualize storage. There are a ton of options there, and we at ABS have experience in all realms.

 

Managed Services:

As a managed service provider, ABS has a number of components or services to offer your organization. Our flexibility is what makes us different than our competiton. This means we can be anything you want us to be when it comes to your specific IT needs. We have over 20 years of experience working with companies small, medium, and large in numerous backgrounds and fields. You name it, chances are we’ve done it. And while we believe in the importance of carrying our experiences, successes, and failures to grow and learn how to always better ourselves and our client offerings, our human-approach based on unique customer needs will never be compromised. Therefore, if you need help with a small IT project, or are looking to hire a full-service IT department, ABS is at your service. With managed services, you’ll pay a monthly fee to receive the level of IT support you need. Beneath the umbrella of managed services are concepts that we at ABS are well-versed in, as well as areas we’ve invested in. We don’t expect our customers to be IT experts themselves. That’s our job, not yours. However, if there is anything you’d like to learn more about, or areas of your IT infrastructure that you wish to improve upon, please don’t hesitate to give us a call. That’s what we’re here for.

 

From help desk services to on-site support for work stations and servers, project management, project implementation, solutions design, and strategic planning, you can rest assured that ABS has a solution to align with your needs and exceed your short- term and long-term goals. We can be the low level technician, the project tech, the escalation tech, the supervisor, the manager, and the CIO all rolled into one, if you want us to be. Our expertise and resources are yours for the taking. Give us a call to discuss your organization’s needs for managed services.

 

Network & Security Services:

Network and security services focuses on the health of your business’s network. Our checklist upon initial investigation will help us answer the following questions: Is it available? Is it secure? Does it meet your requirements? ABS is equipped to align connectivity, security, & reliability with your organization’s overall technical and business objectives. By deploying a toolbox of resources and skilled technicians, we will analyze your entire network infrastructure and make updates and security improvements where needed. We understand that keeping company data secure is a top priority for any business. With technology always at our fingertips, we are constantly putting our sensitive data at risk for cyber criminals to compromise. With added security measures, we can limit these types of breaches while allowing you to continue to work efficiently. Our security solutions empower businesses to be more resilient to changes and threats to pertinent data, and allows customers to redirect their focus to the work at hand without constant worry that their data is being mined, hacked, or destroyed.

 

Network and Security Services aren’t one size fits all. We create a strategic plan or blueprint based on the unique needs of your business, with specifications we set together, following our initial audit of your current infrastructure. This security audit drives the conversation to give you the security you need, leaving out what you don’t. Our goal is to protect your data, and by starting with your organizations pain points or network threats, we will create a plan to provide that protection. Contact ABS today to setup a security audit for your organization.

 

Strategic Planning Services:

We work with our Strategic Planning Services customers to outline their business’s goals and develop strategies to align technology with the organization to accomplish those objectives. Through assessment, analysis, documentation and planning, we address process and gaps to outline a unique plan for your business to implement cost-conscious integrated solutions using the strengths of your organization to meet your business goals. As your full-service IT company, we’re always here for you, being as involved or hands-off as your needs require. Strategic Planning Services are not just for enterprise organizations: they are ideal for growing organizations and companies who may not have an IT staff on a full-time basis, but need to receive services of strategic planning, CIO services, or strategic consulting. ABS can be the technology resource extension your company needs, serving as a trusted advisor and quickly become a virtual part of your organization. With ABS, customers can expect a robust strategic CIO or strategic service package to help them reach goals.

 

Best Practice Optimization:

The ABS team has decades of experience implementing technology and best practice to improve business processes for its customers. Customers of our Best Practices Optimization services can expect faster, more cost effective processes from an experienced vendor in both the public and private sectors. Our approach is two-pronged from an organizational proccess standpoint as well as data security, technical design, and architecture. ABS aligns with your business’ maturity level. We have experience in small, medium, and enterprise level organizations in both the public and private sector. This experience coupled with our human-centric business model outlined in the “ABS Way” differentiates us from our competitors not only for best practice optimization but for our entire offering of managed services.

 

Cloud Services:

If your organization is looking to migrate from older, legacy, architecture on-premise hardware, cloud services can provide a more scalable option than its predecessors. Cloud services are now a viable option for a variety of organizations, from enterprise level companies to small and medium-sized businesses, and even for startups. Cloud services provide a much easier way to get all your HRM, ERP, small business phone system needs in one place, remotely accessible, without ever having to leave your devices.

 

Cloud services can eliminate the need for all those capital investments, allowing you to pay a subscription fees which provide you with not only the latest versions and updates, but tiers of support to meet your needs. Cloud service integration with ABS includes:

 

1) Understanding your business’ needs

2) Reviewing your current processes and architecture to prepare your business for cloud services

3) Transitioning your business to cloud services

 

Our team of cloud service experts are experienced and able to work with your current infrastructure or programs. We plan and execute your migration, then manage your infrastructure and monitor it once it has been migrated. Our cloud services integration process starts with the strategic services to understand your environment. We leverage the strategic planning services to outline where those business goals align and where the gaps are in your technology. The initial audit in conjunction with your business processes will determine if cloud services are the best solution for your organization. We’ll only recommend processes that make sense for your business. If it fits the business needs, the organizational operating methodologies, and align with budgetary and security standpoints, we make the recommendations necessary to design a roadmap to success.

 

Storage Solutions:

While no two businesses are identical, data protection is always our top priority. Analysis of your current resources and projected growth and goals will guide our solution design to best meet your requirements. ABS focuses on regulatory compliance needs, availability needs, and implements secure, dependable, and recoverable solutions. No matter what your current storage process may be, ABS has a solution to fit your needs, now, and for the trajectory of your growth for years to come.

 

 

 

Who Is Your IT Company Actually Working For?

Have you ever wondered who your IT company actually is? There are many organizations that have wondered the same. Here are several relevant and important questions to ask your company’s decision makers about the company you are trusting with important and sensitive information:                     

  1. Is your current IT company meeting THEIR objectives and YOUR goals?
  2. How quickly is your IT company available in a critical situation?
  3. Are you being told what you should do?
  4. Do you fully understand your IT contract?
  5. Is your IT company keeping up with the latest knowledge required for your industry?
  6. Do you know if your IT company has “tiered pricing” or hidden fees that weren’t mentioned in your initial agreement?
  7. Is your IT company’s technical ability up to what you need for your organization?
  8. Is your IT company ready to “pick up the ball” before discussing price?
  9. How many resources does your IT company have available?
  10. Is your outsourcing being outsourced?
  11. Do you know exactly who you will talk to if you call your IT company?
  12. Does your IT company know what they are doing or do they rely on someone else for the tough questions?
  13. Does your IT company anticipate and prepare for your industry’s compliance changes?
  14. Does your IT company only operate during normal business hours or is there flexibility?
  15. Is your IT company an actual partner with you and your organization as well as your specific IT needs?

If you are not confident in ANY question you’ve answered, then it may be time to reconsider who you are receiving your IT services from. At ABS, we are devoted to helping organizations find and meet all of their objectives and goals to reach their full potential. If you need help deciding what those objectives and goals are, reach out to us TODAY and we will be happy to discuss and/or develop ways that can be catered to your organization’s needs.

iOS Source Code Leak to GitHub

February 7, 2018, Apple fought hard to remove a portion of iOS source code that was released and then posted on GitHub. The iOS source code was for a process called “iBoot,” originally reported by Motherboard. This process allows for the system to ensure that the code that is run when an iPhone is turned on, is indeed valid and from Apple. The source code leaked could enable hackers to easily access iOS vulnerabilities, despite the tight securities Apple is known for. After Apple filed a claim notice to GitHub, the source code was removed, but it may have been too little too late.

Though the source code has been taken down, there are still copies that are circulating throughout the web. According to Jonathan Levin, who spoke to Motherboard and who has knowledge of iOS and macOS system programming, this may be the biggest leak in history and is surprising since Apple is exceptional at safeguarding its users against such leaks.

Apple’s lawyers reluctantly conceded that the leak is valid. However, they tried to downplay the significance by stating that is was a “reproduction of Apple’s ‘iBoot’ source code,” the code, they reported “is responsible for ensuring trusted boot operation of Apple’s iOS software.” Although the code was allegedly the iOS 9 iBoot code, parts of it are likely still in use in iOS 11. Apple’s official request to have Github remove the code stated, “The ‘iBoot’ source code is proprietary and it includes Apple’s copyright notice. It is not open-source.”

Although, Apple confirmed that the leaked source code does contain admissible code information, they are not recognizing any security implications that may be impacted. Apple made a statement which may put users at ease. However, there are still some concerns, “Old source code from three years ago appears to have been leaked, but by design the security of our products doesn’t depend on the secrecy of our source code. There are many layers of hardware and software protections built into our products.”  Though Apple has attempted to brush off the leak, there are still concerns with it as the source code was able to make its way to the public, causing great concern for Apple. The source code leak, this time, may have been small, but what is stopping hackers or other harmful materials in the future?

Microsoft Releases Updates Changing the Way Nonprofits use Office 365

As technology continues to accelerate, it is easy to get lost and overwhelmed with intimidating information. ABS is making an effort to provide you with the latest IT news that could affect you and your organization.

As changes are underway to the Microsoft Software Donation Program, many nonprofits will see the difference in the coming months. Many nonprofits receive discounted Microsoft products through organizations like TechSoup. This will change in the near future and may impact many of our nonprofit partners.

TechSoup, along with Microsoft and other providers, is dedicated to expanding on current and new ways to support technology services and solutions for nonprofits and libraries. As technology advances, Microsoft and other providers wish to ensure that your organization is ready for the future and will be able to continue to deliver on your promises to serve.

The numerous changes to the Microsoft Donation Program will take effect on April 1, 2018. The first thing to note is that these new discounted offers will be referred to as Office 365 Volunteer SKU. This is an extension of the original Office 365. Secondly, product selection will be made easier. Microsoft is developing product donations to better serve small business organizations. This means that the standard versions of Office products that were offered before will continue to be offered to eligible nonprofits and libraries through TechSoup. However, premium versions of Microsoft products will only be available to eligible nonprofits and libraries at a discounted price and some of the larger nonprofits may see a price increase.

Unlike before, nonprofits and libraries will not have the limitation of only 10 title groups. Nonprofits and libraries will now have the option to choose from any Microsoft donated products, making it a bit easier to complete business operations.

Not everything will change. The program rules and eligibility will remain the same. Therefore, all eligibility rules will be carried out across all Microsoft nonprofit discounts.

Microsoft and ABS are dedicated to helping you decide which option is best for you and your organization. Changes can be scary and overwhelming, but ABS is here to help keep you informed as new information is released.

New Developments in Intel Spectre Meltdown Vulnerability

Do you remember Meltdown and Spectre, the Intel processor vulnerabilities we mentioned a few weeks ago? Well, Intel has recently rolled out a patch for the bugs – but be careful, it doesn’t come without issues.

To recap, the Meltdown and Spectre bugs are design flaws that result in a weakened separation in the secure kernel memory of most Intel processors. This causes secure data to become available to anyone who can exploit the vulnerability. This flaw was discovered recently, and is causing havoc in the IT industry due to the sheer number of potentially affected devices. Although it’s mostly Intel processors that are affected, it can be a potential threat to AMD systems as well, although the biggest hit for AMD has been the rollout of “fixes.” (more on that in a bit.) The overall impact of this flaw potentially opens users up to serious data vulnerabilities. These design flaws affect not only desktop and laptop computers, but also smartphones, tablets, and any other devices that use one of the affected processors.

Unfortunately, the patch itself is causing some major issues. Microsoft has found that the patch is causing particularly severe issues with some computers containing AMD processors. The patching of this vulnerability is widely known to cause a slowdown of the affected computers. It is even causing some AMD computers to lock up completely. According to The Verge, tests have shown a slowdown of up to 25 percent on some systems. Along with deteriorating performance, some computers with the patch are rebooting randomly, causing frustration for users. Microsoft has even had to roll back their patch due to the issues it has caused in some environments.

There are different variants of the Spectre and Meltdown bugs. So far, Intel has been able to create a patch that prevents the reboot issue for HP and Dell computers. However, Spectre Variant 2 and other variations of the exploits are still up in the air. Meanwhile, Google has rolled out an update called Retpoline that has successfully combatted the Spectre Variant 2 in the some Intel processors, but not all. So far, no one has found an overall fix.

Microsoft, Dell, and HP are currently advising against deploying most of the recently rolled out updates until they are sure they will fix all variations of the bugs while incurring the least possible side effects.

Although this has caused a huge stir in the IT industry, no exploits of these vulnerabilities have been found “in the wild” so far, so the race is on to develop a workable fix before hackers learn to fully exploit these vulnerabilities.  We will continue to keep you updated on the latest news regarding the Spectre and Meltdown vulnerabilities, as well as the recommended fixes as they are released.

Accenture - Photo Credit: MIchael Gray, Flickr

Accenture the Latest Breach of Client Data

In what seems to be a never ending cycle of news headlines surrounding data breaches, Accenture, a giant in the tech and cloud industries, appears to be the latest major company to breach client data. Reported as an accident, the company left four of its AWS S3 buckets open to the public, and ultimately, exposed hundreds of gigabytes of sensitive data.

Unfortunately, this isn’t the first case of major companies exposing sensitive client data in the way that Accenture has most recently. Verizon’s breach of 14 million customers was also reported to be the result of an AWS S3 cloud server misconfiguration.

While the news headlines will sadly continue, there are steps that can be taken to be proactive with the cybersecurity of your business and/or personal data. At ABS, we work with you to find the best solution for your business, install the necessary hardware and software, and provide service when you need it. Give us a call to see how we can protect your data and business before you find yourself in the middle of the latest data breach.

Credit: Healthcare IT News – “Accenture latest to breach client data due to misconfigured AWS server”

Cybersecurity Incident & Important Consumer Information

 

No Evidence of Unauthorized Access to Core Consumer or Commercial Credit Reporting Databases

Company to Offer Free Identity Theft Protection and Credit File Monitoring to All U.S. Consumers

September 7, 2017 — Equifax Inc. (NYSE: EFX) today announced a cybersecurity incident potentially impacting approximately 143 million U.S. consumers. Criminals exploited a U.S. website application vulnerability to gain access to certain files. Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.

The information accessed primarily includes names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed. As part of its investigation of this application vulnerability, Equifax also identified unauthorized access to limited personal information for certain UK and Canadian residents. Equifax will work with UK and Canadian regulators to determine appropriate next steps. The company has found no evidence that personal information of consumers in any other country has been impacted.

Equifax discovered the unauthorized access on July 29 of this year and acted immediately to stop the intrusion. The company promptly engaged a leading, independent cybersecurity firm that has been conducting a comprehensive forensic review to determine the scope of the intrusion, including the specific data impacted. Equifax also reported the criminal access to law enforcement and continues to work with authorities. While the company’s investigation is substantially complete, it remains ongoing and is expected to be completed in the coming weeks.“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”

Equifax has established a dedicated website, www.equifaxsecurity2017.com, to help consumers determine if their information has been potentially impacted and to sign up for credit file monitoring and identity theft protection. The offering, called TrustedID Premier, includes 3-Bureau credit monitoring of Equifax, Experian and TransUnion credit reports; copies of Equifax credit reports; the ability to lock and unlock Equifax credit reports; identity theft insurance; and Internet scanning for Social Security numbers – all complimentary to U.S. consumers for one year. The website also provides additional information on steps consumers can take to protect their personal information. Equifax recommends that consumers with additional questions visit www.equifaxsecurity2017.com or contact a dedicated call center at 866-447-7559, which the company set up to assist consumers. The call center is open every day (including weekends) from 7:00 a.m. – 1:00 a.m. Eastern time.

In addition to the website, Equifax will send direct mail notices to consumers whose credit card numbers or dispute documents with personal identifying information were impacted. Equifax also is in the process of contacting U.S. state and federal regulators and has sent written notifications to all U.S. state attorneys general, which includes Equifax contact information for regulator inquiries.

Equifax has engaged a leading, independent cybersecurity firm to conduct an assessment and provide recommendations on steps that can be taken to help prevent this type of incident from happening again.

CEO Smith said, “I’ve told our entire team that our goal can’t be simply to fix the problem and move on. Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”

About Equifax

Equifax is a global information solutions company that uses trusted unique data, innovative analytics, technology and industry expertise to power organizations and individuals around the world by transforming knowledge into insights that help make more informed business and personal decisions.

Headquartered in Atlanta, Ga., Equifax operates or has investments in 24 countries in North America, Central and South America, Europe and the Asia Pacific region. It is a member of Standard & Poor’s (S&P) 500® Index, and its common stock is traded on the New York Stock Exchange (NYSE) under the symbol EFX. Equifax employs approximately 9,900 employees worldwide.

Forward-Looking Statements

This release contains forward-looking statements and forward-looking information. These statements can be identified by expressions of belief, expectation or intention, as well as estimates and statements that are not historical fact. These statements are based on certain factors and assumptions with respect to the investigation of the cybersecurity incident to date. While the company believes these factors and assumptions to be reasonable based on information currently available, they may prove to be incorrect.

Several factors could cause actual results to differ materially from those expressed or implied in the forward-looking statements, including, but not limited to, the final results of the investigation, including the final scope of the intrusion, the type of information accessed and the number of consumers impacted. A summary of additional risks and uncertainties can be found in our Annual Report on Form 10-K for the year ended December 31, 2016, including without limitation under the captions “Item 1. Business — Governmental Regulation” and “– Forward-Looking Statements” and “Item 1A. Risk Factors,” and in our other filings with the U.S. Securities and Exchange Commission. Forward-looking statements are given only as at the date of this release and the company disclaims any obligation to update or revise the forward-looking statements, whether as a result of new information, future events or otherwise, except as required by law.

Contacts:

Ines Gutzmer
Corporate Communications
mediainquiries@equifax.com
404-885-8555