Tag Archive for: Compliance

5 Reasons to Use Multi-Factor Authentication

Multi-factor authentication is the number one security control Northeast Ohio businesses can implement today to help prevent a data breach.

The Wild West of IT Services

In 1878, William Bonney, aka “Billy the Kid,” along with a posse of gun-toting outlaws known as the “Regulators,” wreaked havoc in New Mexico as they fought for control of dry goods and cattle interests in Lincoln County. You may be familiar with the gang and their story from the movie Young Guns (and from the Warren G and Nate Dogg song, of course).

Many words come to mind when we think about the Old West and the era Young Guns depicted including lawless, wild, and dangerous. The gang took the name “Regulators” because they believed the lawmen in their county were corrupt. Despite their violent behavior they considered themselves “good guys” and sought to regulate the cattle monopoly and make sure justice was served.

Today, there are regulators in just about every industry we work with. None of them carry around side-arms or ride into our client’s offices on horseback, but they do instill fear with threats of legal actions and heavy fines if companies aren’t compliant.

Our clients are governed by laws and regulations such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA); the Payment Card Industry Data Security Standard (PCI DSS), and the Federal Information Security Management Act (FISMA), just to name a few.

But strangely, the one industry we are most familiar (and the one in which we work) is the one that isn’t regulated at all—Information Technology Services, or IT Support.

There are no regulations or regulators in the IT Industry. IT service providers are not governed by compliance laws. It’s almost as if the IT industry is its own Wild West.  For fly-by-night companies, having little or no regulations is a wonderful thing. Any kid with a laptop can create a website and offer IT Services for Akron businesses. There’s no one looking over their shoulder to see what they’re doing with your passwords or client’s most sensitive information.

For businesses, this is a terrifying proposition. For all you know your remote IT guy is eating Cheetos and playing video games while he claims to be monitoring your network. There is really no way of knowing for sure.

Who’s watching over your IT service provider?

So what can you do to make sure you hire the right IT Provider?

1-Make sure you only work with an established company who has earned the trust of their clients over the years. PCR has been in business since 2004 and has partnered with over a hundred Akron area businesses during that time.

2-Have a conversation with your IT Service Provider. Can they answer the following questions?

  • Are they truly maintaining critical security updates for your IT systems? Have you outgrown their ability to adequately support you?
  • Are your IT systems truly secured from hackers, viruses and rogue employees?
  • Are your backups configured properly to ensure that you could be back up and running again fast in a disaster?
  • Are you unknowingly exposing your company to expensive fines and litigation under Ohio data breach laws?
  • Does your cybersecurity program conform to the new Ohio Data Protection Act.

3-***MAKE SURE THEY ARE SOC 2 CERTIFIED*** PCR Business Systems made the choice to get SOC 2 audited in order to give our clients peace of mind.

We are one of—if not the only— IT Service Provider in Northeast Ohio to be SOC 2 audited. That means we’ve spent the time and money to ensure what we promise to our clients—both in terms of the privacy and data protection protocols we follow, as well as the services we offer—is exactly what we deliver.

For more information schedule a FREE IT Discussion with me.

Pat Carroll

President, PCR Business Systems

Email me Directly