April 27, 2021
Cyber Security, Data Management, Data Privacy, Information Technology, Managed IT Services, Ransomware, Risk Assessment
Need IT support? Here are some questions to ask when looking for a Managed IT Services firm to make sure they provide comprehensive services to keep your business secure. Contact us to learn more about our IT Services.
October 31, 2019
Cyber Security, Information Technology, Managed IT Services, Ransomware, Sacramento, Technology
By David Baker, Microsoft MCSA & MCITP, CompTIA+ & Network+, CSM
According to the 2018 Verizon Data Breach Investigations Report via a Forbes magazine report, more than half of all cyber attack victims were small businesses.
As a Managed IT Services provider, we’ve seen many instances of our small business clients experiencing email phishing, ransomware, or other breaches in security.
Even if your small business uses an out-of-the-box security system, you still need a professional IT organization to help make sure the technology works optimally and is layered with firewalls, encryption, and more.
Here are some questions to ask when interviewing a Managed IT Services firm:
Over 80% of small businesses report that malware has evaded their antivirus software.
These are just a few questions to ask an IT services firm to make sure they provide comprehensive services to keep your business secure.
Interested in asking us these questions and learning more about how KAI Partners’ IT experts can help? Call 916-465-8065!
About David: David Baker holds certifications in Microsoft MCSA, Microsoft MCITP, CompTIA A+, CompTIA Network+ and has extensive experience in server, platform (HP/Dell). Mr. Baker has experience working with developers and supporting their development environment. In his current role, Mr. Baker monitors clients’ backups, active directory, DHCP and DNS, resolves helpdesk tier 1-3 support tickets, and has successfully completed AD migrations from server 2008 to server 2012 and 2016. Mr. Baker has successfully completed VOIP phone migrations, WAN ISP cutovers, network redesign and implementation, firewall replacements and security lockdown, AWS web server build out, AWS helpdesk call center engineering, and more. In his spare time, Mr. Baker enjoys BBQing, photography, and fitness.
August 14, 2019
Cyber Security, Data Privacy, Government, Information Technology, National Cyber Security Awareness Month, Public Sector, Ransomware, Sacramento, Technology
By Jamal Hartenstein, JD, CISSP, CGEIT, PMP
(ISC)², a leading cybersecurity and IT security professional organization, is holding their annual Security Congress event in Orlando in a few months. At the conference, I will be presenting a panel called “Behind the Text: Laws on Data Privacy, Consumer Rights and Cybersecurity, Deconstructed.” Today I am sharing a little bit of insight into what I will delve further into at the (ISC)² event.
Data privacy and cybersecurity laws shape many aspects of an organization, from influencing the operational decisions an organization makes to the way IT security professionals do their jobs.
The purpose of data privacy laws is to provide regulatory compliance measures to protect personal data—depending on the industry, this could be the data of consumers, customers, private citizens, or others. Typically, the laws align with IT security frameworks (often created by academics or other experts) and companies write their data privacy policies to comply with laws and adhere to frameworks.
But, what’s missing? When you deconstruct the text of the laws that govern an organization’s industry—think private sector financial, health insurance, banking, etc.—you may find loopholes or obligations you didn’t know existed. Organizations can save themselves a lot of time and money by understanding the scope of their legal obligations.
Legislation is increasingly shaping the IT security professional’s field. Some laws that currently govern IT security have been on the books for 100+ years, but only recently have been interpreted to cover data privacy and cybersecurity violations. These changing legal interpretations, along with the new laws being put on the books, means that there’s a level of legal understanding that can be daunting for organizations and the security professionals they employ. Collectively, we need to dissect the wording used in the popular data privacy and cybersecurity laws and break it down so IT professionals can truly understand what we’re working with.
As an IT Security professional, I understand the threats, technology, and strategies to mitigate threats. Having a legal background makes it easier for me to understand laws that determine exposure to compliance obligations and laws that influence how I develop strategies. For example, when organizations comply with a deletion request, or “the right to be forgotten” (aka: of your own personal data records held with an organization), this can be an expensive process, especially if the data is on offsite backups and housed with third party data processors. But the law is particularly tricky with explanations on why, how, and when an organization must process a deletion request, or even if the request must be performed at all. Consequently, a lot of time and money can be saved if IT Security professionals understand the text of the laws.
Interested in learning more? During my discussion at the (ISC)² Security Congress, we’ll cover the following:
Want to find out how to deconstruct and understand security law? Attend my panel at the (ISC)² Security Congress in October—I hope you see you there!
About the Author: IT Security Program Manager at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.
June 19, 2019
Certified ScrumMaster (CSM), Cloud Computing, Information Technology, Innovation, IT Modernization, KAI Partners, Managed IT Services, Non-profit, Project Management, Ransomware, Sacramento, Small Business, Technology
By David Baker, Microsoft MCSA & MCITP, CompTIA+ & Network+, CSM
We’ve talked before about how your organization can benefit from our managed IT services. We can help you reduce downtime, improve productivity, and more.
Something else we do is help you reduce the money you spend on IT services.
An IT company that helps you reduce IT costs? Yes! Our IT team is always on the lookout for ways to save our clients money.
We recently completed a phone migration and network infrastructure upgrade for one of our clients. We found a way to decrease their monthly phone bill by half, ultimately saving them well into five figures annually.
Another way to save your organization money? We’re a big proponent of cloud computing—for example, using Microsoft 365 or Google Cloud for your files, emails, calendaring, and anything else you need to run your business.
We know a lot of people are still hesitant to move over to “the cloud,” but here are a few examples of how migrating from in-house servers to cloud computing can save you money and peace of mind:
KAI Partners’ expert cloud computing engineers are ready to help you meet your business goals. If you’re ready to let us take care of your IT needs, call 916-465-8065!
About David: David Baker holds certifications in Microsoft MCSA, Microsoft MCITP, CompTIA A+, CompTIA Network+ and has extensive experience in server, platform (HP/Dell). Mr. Baker has experience working with developers and supporting their development environment. In his current role, Mr. Baker monitors clients’ backups, active directory, DHCP and DNS, resolves helpdesk tier 1-3 support tickets, and has successfully completed AD migrations from server 2008 to server 2012 and 2016. Mr. Baker has successfully completed VOIP phone migrations, WAN ISP cutovers, network redesign and implementation, firewall replacements and security lockdown, AWS web server build out, AWS helpdesk call center engineering, and more. In his spare time, Mr. Baker enjoys BBQing, photography, and fitness.
June 5, 2019
Cyber Security, Data Management, Government, Information Technology, Innovation in the Public Sector, IT Modernization, KAI Partners, Public Sector, Ransomware, Risk Assessment, Sacramento, Technology
By Jamal Hartenstein, JD, CISSP, CGEIT, PMP
The Greater Sacramento Capitol Chapter of ARMA recently held its annual Records Knowledge Conference, which brought together records managers from city, county, and state clerk offices.
According to our local ARMA chapter, ARMA is dedicated to providing education and resources to those in the Records Management and Information Governance fields. They are committed to enhancing Records Management and Information Governance professionals through training, networking, leadership, and outreach.
The conference attendees brought a sense of eagerness to learn and share—ARMA chapter leadership gave event attendees a special opportunity to hear from world-class speakers—including and a lead researcher on the IBM Watson project, Dr. Ashish Kundu—on some of the most important and cutting-edge topics.
Along with a formidable group CEOs, I was honored to be asked to speak about Cybersecurity Threats to Information Governance. Highlights of the event and major takeaways included:
Public sector IT innovation and modernization means systems and processes change rapidly. One example of this is California Assembly Bill 2658, recently signed into law by the governor. This new law updates the definition of an Electronic Record to include blockchain and smart contracts as legally recognized records. It sends a clear signal that digital records management, particularly blockchain technology and smart contracts, are priorities for a more innovative and dynamic public sector.
This new law impacts public records requests because entries logged in public agency-owned private blockchains are electronic records. These records are susceptible to the Freedom of Information Act (FOIA). Records Managers may benefit from technology that makes the identification and delivery of public records to requestors easier. It may also create convenience for those exercising Public Records Act (PRA) requests. It’s a double-edged sword; it streamlines the processes but increases PRA volume at the same time.
The discussion of the California blockchain law was one most important topics discussed at the ARMA event. Another popular topic was IT Security Assessments.
The urgency in public sector data governance and records management is an incredible opportunity to embed IT security controls for the public sector personnel working at the heart of the ever-expanding challenges.
KAI Partners performs security assessments to address the multitude of challenges facing the public sector. Our assessments help ensure secure and efficient delivery systems where the organizational objectives align with the development of strategic plans and programs. In addition, KAI Partners’ training division—KAIP Academy—works to address technical skills gaps. Our training courses include ITIL, Project Management, Agile/Scrum, and more.
Were you at the ARMA Conference? What were your biggest takeaways about public sector innovation?
About the Author: IT Security Program Manager at KAI Partners, Jamal Hartenstein is a cybersecurity legal expert who has helped some of the country’s largest financial institutions, healthcare companies, and federal agencies develop their IT Security Roadmap programs. In his current role, Jamal provides guidance to executive staff and security professionals on laws, frameworks, and policies that help shape their strategic plan, and helps organizations innovate safely and securely. Prior to working for KAI Partners, Jamal served as an Electronic Warfare Sergeant in the U.S. Army Military Intelligence Corps, where he was a steward for Defense Information Systems Agency (DISA) framework. He earned his undergraduate degree from Georgia Military College and his Juris Doctorate from University of the Pacific, McGeorge School of Law in California.