As workers return to the office — and as other businesses implement a hybrid work environment — the technology used and level of security is more important than ever. We reached out to several experts to ask about how to leverage new technology while maintaining safe protocols, allowing flexibility and productivity to thrive.

Our experts:

• Neil Barnes, commercial product manager, Consolidated Communications. consolidated.com

• Tony Foglia, account executive, NH and Mass., and Rob Campbell, territory manager, NH and Mass., Connectivity Point. connectivitypoint.com

• Devi Momot CISSP, GSLC, GISP, chief executive officer, Twinstate Technologies. twinstate.com

• Keith Bamford, CEO and co-founder, Daystar. daystarinc.com

CONSOLIDATED COMMUNICATIONS

Neal Barnes, Commercial Product Manager

What is unified communications? What is the difference between cloud-based unified communications and on-site PBX?

Barnes: “We like to say that work is something you do, it’s not a place.

“The term unified communications (UC) simply means that all employees are able to access the same HD audio and video, messaging, screen sharing, file sharing and conferencing systems no matter where they are working from, and those systems can be accessed by multiple devices, including PCs, browsers, tablets and mobile phones. It’s everything you need, managed in one place.

“The difference between a cloud-based, or hosted, UC solution and more traditional onsite private branch exchange (PBX) is all in how they’re set-up and managed.

“With an on-site PBX, you physically buy and install the equipment in your office. In addition to the initial install, you also need to learn how to manage it to handle new lines, personnel changes or new features. There is usually a hefty fee for software maintenance and upgrades that will be needed over time. Typically, these are fairly complex servers that need expertise to make sure they operate to meet the needs of the business. Most companies no longer have internal IT teams that are qualified to manage this equipment or budgets to pay for third-party integrators to do that for them.

“In the cloud example, all the intelligence to manage incoming and outgoing calls, call routing, custom integrations, applications and management is done through the network. This allows businesses to only pay for what they need, when they need it. Management of the system can be done by a local administrator through a web-based portal or by contacting the service provider. The basic upgrades are done by the service provider at the network level, so that the business doesn’t have to worry if they are on the latest release of features that are available.

“Cloud systems also don’t care where the end users are physically located. They can be at the main office, working from home or on the road and have the same capabilities and experience as the worker who is in the office. The number of lines can be easily scaled up or down depending on seasonal or general business needs, and cloud-based UC is often cheaper than an on-site PBX — think one predictable monthly expense versus a much higher price tag for a bundle of physical equipment.”

What’s the state of unified communications in 2021, considering that more people are working from home than ever before?

Barnes: “Similar to the acceleration of general cloud adoption the IT space experienced in 2020 and 2021, the prevalence of working from home also makes unified communications more important than ever before because a good UC platform lends flexibility. It’s increasingly rare to find a team that sits together in the same office, regardless of how big or small your business is. A recent survey of knowledge workers indicates that 79% always or frequently work in dispersed teams. This new office structure calls for flexibility in the way people sign into meetings, dial into conference calls, hold brainstorming sessions and much more. And then you consider that different teams may have adopted different systems, which automatically tasks people with different passwords and protocols to remember.

“Bringing everything under a UC model makes life easier for everyone and grants employees the mobility and agility they’ve come to depend on in a work-from-home environment. If you need to start a meeting from your cellphone in the car and transition onto the video meeting platform when you arrive home, you can do that quickly and seamlessly with the right UC platform.

“In terms of size and availability, UC is also very scalable, which is another major benefit in a work-from-home scenario. Ultimately, UC lends to a more engaged, productive workforce where people can get in touch, meet and collaborate with ease.”

What’s the No. 1 concern you hear from small and medium-sized businesses about their company’s communications setup, and what would your response be?

Barnes: “One of the primary concerns we hear from small and medium-sized businesses is that communications platforms and protocols vary across teams. You might have a team who prefers to call each other, another team who is always holding video meetings and a third team that barely uses any platforms to stay in touch. Coupling this siloed scenario with a larger work-from-home population, you can see a distinct problem in bringing departments together to tackle work. My response would be, have you considered unified communications? I find many people haven’t even heard of it. They know the popular platforms, but they may not know there’s a way to bring all those systems together onto a unified system that is seamless for users. They’re amazed at the increased productivity, connection and collaboration that a UC platform can provide, and it’s transformative for their business.”

What are two top tips you would offer remote workforces that are struggling to work together productively and collaboratively?

Barnes: “First, keep your business objectives in mind. Meetings and collaboration are only effective if they are focused on the goal. If conversations have shifted to ‘we’re meeting too much,’ ‘we’re not meeting enough,’ ‘I can’t log into this platform,’ or ‘this communications solution is not working for us,’ then your tools are standing in your way. It might be time to seriously consider a UC platform that streamlines operations, so you can get back to the real business at hand.

“Secondly, when pain points arise, make a list of the systems, processes, technology and strategies that are creating friction or just aren’t working well for your team. What are the most critical needs and what would help to solve them? If your current way of working is causing bottlenecks, it’s time to find a unified solution.”

CONNECTIVITY POINT

Tony Foglia, account executive, NH and Mass., and Rob Campbell, territory manager, NH and Mass.

What is data cabling, and how would my business benefit from it?

Foglia: “Data cabling, aka structured cabling, aka infrastructure cabling, is the physical cabling used to create a network infrastructure that supports the many different pieces of technology and equipment that it takes to run a business. The cables provide the communication conduit for the information and data generated by computers, telephone systems, physical security systems, videoconferencing, HVAC control, etc. This information is in the form of emails, internet, phone conversations, video feeds and more.

“As your business grows, you add more people, hold more videoconferences, send more emails and improve security. The network infrastructure needs to be able to support this increase in communications. A properly managed network infrastructure can grow with your business, letting you easily add to the system and, in most cases, be cost efficient.”

What is VoIP’s biggest security risk, and how can I avoid it?

Campbell: “As with any system on your network, a VoIP system is vulnerable to attack if data security measures are not in place — this includes phishing, malware, viruses, hijacking and tampering. The best way to reduce your security risk is to have your IT staff work with your VoIP provider to implement any recommended data security measures and educate users of potential security threats.”

What are the advantages of cloud solutions over traditional phone systems?

Foglia: “There are many advantages to upgrading your traditional on-premise phone system to a cloud-hosted communication platform:

• Mobility: Staff can work from anywhere they have internet, on a variety of devices, like desk phones, smartphone apps and softphones on Windows and Mac desktops.

• Reduced Hardware Expenses: Cloud voice service shares the data network, running on existing switch and cabling infrastructure. No on-site telephone system to maintain, update or repair.

• Reliability: The voice system sits in the cloud at a data center with generators, redundant servers and multiple bandwidth providers, ensuring the reliability that calls are always answered.

“Cloud communication platforms offer so much more than a telephone service, they allow you to utilize phone and video communications, share files, automate reminder calls and track customer communication results. They also help small or understaffed businesses be more efficient with less.”

What is an infrastructure audit, when should I consider having one conducted and what can I expect from it?

Campbell: “An IT infrastructure audit is basically assessing and understanding what you really use or do not use on your network and setting yourself up for the future.

“With ever-changing technology, and the absence of an IT professional, it is easy to keep adding technology to your network and leave devices on the system that never gets utilized, causing unnecessary bandwidth to be used. Hiring a certified engineer to assess and provide a detailed report of their findings will help you to determine what should be repurposed, upgraded or eliminated. Included in the report will be system health check updates, age of equipment, and identified outdated hardware/ software systems and applications. Action taken based on the audit will extend the life of the equipment you keep and help decrease your total cost of ownership.

“When businesses are growing and more equipment is needed, it is always a good idea to have an audit to help mitigate communication risks, bandwidth consumption and security threats. When considering migrating from a premise phone system to VoIP, a network assessment should be made to determine if your existing network and internet services can support voice on your network.”

What types of businesses would benefit from a sound masking system, and what does it do?

Foglia: “Sound masking provides background sound that reduces noise and protects speech privacy. The system uses ambient sounds to make distractions and private conversations intelligible, enhancing privacy in call centers or offices with a small footprint where multiple people are having conversations at the same time.

“Sound masking is also very important for hospitals and healthcare providers who need to comply with HIPAA Laws and use HCAP scores for funding. Other businesses like restaurants and retail stores use sound masking to reduce the overall noise that can be a deterrent for customers. Any business with a physical HR department can use sound masking to help with speech privacy when discussing individuals or individual situations.

“There are also options to integrate your sound-masking system with paging and/or music, creating a multi-functioning system.”

TWINSTATE TECHNOLOGIES

Devi Momot CISSP, GSLC, GISP, chief executive officer

Ransomware — what’s the big deal?

Momot: “Ransomware is software (malware) that tells your computer to encrypt hard drives. They hold data hostage and will only unencrypt your data in exchange for a ransom payment. How do you get it back? Well, hopefully you have tested and reliable file, email and server backups in place already. You can also pay the ransom, but this is expensive, and the FBI does not advise paying up.”

Why not just pay?

Momot: “There is no guarantee that paying the ransom will work. Relying on this tactic as your recovery plan is not an ideal plan as you might end up without your data and with less money. Hackers use ransom money to pay themselves, and like any organization they reinvest profits back into their systems, technologies and teams. These extortion operations operate similarly to businesses. When you pay these criminal enterprises, you are directly funding their innovation.”

How do I protect my business?

Momot: “The main ransomware delivery method is via email, but it can enter your system in a multitude of ways.

“Best practices to defend against ransomware infection involves protection measures at every layer of your network. This includes implementing strict policies; firewalls; endpoint security (anti-virus); file, server and cloud backups; user awareness training; and email protection. (All of which) should be the minimum standard of protection.

“Regular assessments are critical to see if your policies should be adjusted, technology is out of date or you have a big gaping hole on your network. It’s worth mentioning that these technologies are useless if they are not constantly being monitored, patched and updated with threat intel providing the most current tactics.”

The most recent ransomware hack hit managed service providers (MSPs) — how do you know an MSP is secure?

Momot: “An MSP should be going to great lengths to protect not only their own business but their clients as well. Protecting clients is their business after all.

“If you are working with an MSP, there are some critical questions you can ask them:

• What technologies do you have in place?

• How do you vet the vendor and their technologies?

• Are you monitoring 24/7?

• When was the last time you did a penetration test? What were your results?

How did you implement changes after you received your results?

• Do you have an incident response plan?

• What happens to us if you get infected?

• Do you have insurance that protects us? “Cybersecurity can feel hopeless if you don’t know where to start. Working as a team with an MSP can make cybersecurity simple for you.”

DAYSTAR

Keith Bamford, CEO and co-founder

Do smaller businesses really need a formal IT strategy?

Bamford: “We get asked this question a lot. Think for a moment how much your reliance on technology has changed in just the past five years. With cloud solutions, as-a-service models and technical advancements, even the smallest businesses have access to sophisticated technology. Technology systems directly impact productivity, efficiency and your ability to compete in the market. Whether you’re a three-person office or an enterprise corporation, if it impacts your bottom line it deserves some dedicated attention. A deliberate documented business technology strategy helps you reap the benefits of the investments you make in IT.

“An IT strategy aligned with your business also improves operational stability and visibility, while providing a better user experience for your team. The lack of strategy results in exactly the opposite: lost productivity, increased costs and frustrated employees. Of course, smaller businesses may not have as lengthy and complex an IT strategy as larger corporations.

What’s important is deliberately defining and documenting a strategy appropriate to your business.”

How does a technology plan help protect my business from cyber threats?

Bamford: “The risk of a cyber attack, most notably ransomware and phishing, on today’s businesses is severe. Mainstream news has covered recent attacks against Colonial Pipeline, JBS, Kaseya and the Washington D.C. Metropolitan Police Department. Yet, it’s not just large, national firms. New Hampshire businesses, municipalities and nonprofits have also been targeted.

“Cybersecurity planning is a key component of a business’s IT strategy. Defining, documenting and communicating an organization’s security protocols and procedures directly reduces the risk it has in falling victim to an attack.

“The strategic assessment process provides the framework in which a business develops a layered security approach. Attention should be devoted to three main areas: technology, process and human layers. Technology covers the equipment, configuration, access and compliance protocols. Process includes the IT policies and procedures to create a secure network environment. The human layer defines the measures taken to train and educate your team to create a cyber-savvy workforce.”

What are the biggest mistakes businesses make when creating a technology plan?

Bamford: “The first mistake businesses make occurs right at the start. Oftentimes, a business owner or CEO will ask whoever is tasked with IT to come up with a plan and budget. Or, alternatively, the person in charge of IT takes the initiative to craft it themselves. The problem with this is that an effective business IT strategy is not made by one person or one department. Your systems touch virtually every aspect of your business. To properly align an IT strategy to your business requires representation from the various business units.

At minimum, the planning team should consist of leaders in IT, operations, finance and human resources. Although one department may take the lead, it’s important that perspectives from all major stakeholders are heard. IT strategic planning is a collaborative and co-owned process.

“The second major mistake strikes at the end of the process. Most strategic technology plans cover a 3-5 year time span. At this point, all the work of creating a plan and implementing it is done. The plan is placed on the proverbial shelf until it expires. By not building in a periodic review process, businesses are not agile and flexible to make changes and updates. Include a regular review process in your IT strategy to address unforeseen needs. Review progress to ensure the plan is on track. The ultimate goal is a plan that is aligned with the current needs, objectives and goals of the business at all times.”

What things should you include in an IT strategy plan?

Bamford: “Although a business’s IT strategy is unique, there are three pieces we always recommend.

“The first is a technology road map. This provides a visual progression of IT projects and timelines. Business technology is integrated; one system impacts others. By setting a technology road map, you give yourself a map to follow and visibility to identify any potential issues.

“The second is security integration. When deploying new solutions, you are adding more threat vectors to your business’s network. Be sure to include a security component for every project or process. It’s just too important not to do. This includes both hardware installations and third-party software and cloud services. Be sure their security settings are properly vetted.

“The final piece is training. Fit training needs into your plan to take full advantage of the technology you deploy, and make the most efficient use of your employees’ time. This is true for any new technology solutions and for existing key company systems. And don’t forget ongoing cybersecurity awareness training. Every business’s strategic IT plan will be different, according to their needs, size and current technology landscape. For more help, check out our Business IT Strategy guide at sites. daystarinc.com/how-to-build-a-businessit-strategy.”