Setting Expectations for Your IT Support

In today’s digital, data driven world, your IT department has never been more important. Digital security should be one of the top priorities of any modern business. After all, a data breach costs a company an average of $8.19 million.

Of course, an IT team handles much more than security. From setting up employees with company devices to upgrading software and hardware systems to simply keeping your systems running, your IT department is the heart of all things digital.

Because of this, you should carry very high expectations for your IT team, whether they’re in house or outsourced (or a combination). Third party IT companies can be a valuable asset, as they can typically provide more in-depth services at a much more affordable price.

But the wrong IT company can become a serious liability.

Here is What You Should Expect from a Third-Party IT Company

First and foremost, they need to actually offer the services you require. IT can cover a lot of area, and every company has different needs. Certain IT companies can be more niche than others. Check and see if they have familiarity with your systems as well, from server types to software that’s being used. 

There is expected to be a certain amount of discovery when it comes to onboarding a new IT company, but they should have an idea of what they’re getting into. 

The same goes for knowledge of your industries compliance needs and security standards. This is especially important for businesses that deal with NIST 800-171 and HIPAA compliance 

A lot of IT is also about thinking and planning ahead. That’s why it’s not enough for an IT provider to meet you where you’re at currently. Scalability is important to consider. As your business matures and grows, your IT needs grow with it. 

Your IT provider needs to be able to step up their service as required. 

Lastly, when IT emergencies arise, fast response time is critical. You need to make sure a company is easily reachable, effective at communicating what’s going on, and quick to act. While it can be difficult to know how quickly an IT company is going to respond until you’re actually working with them, you can watch for signs during your initial engagement with them. 

If details are being skipped over or replies are coming a day or two later, you may want to look elsewhere. 

At DataYard, We Aim to Exceed Expectations 

We believe that quality IT Support cannot exist without high-level customer service. We want you to know that you have our attention. We’re here to assist you, answer questions, explain uncertainties, and do everything we can to put you at ease. 

From the moment a client signs up, it’s our goal to not just maintain the status quo, but to improve your system so that you’re protected against the future.  After all, IT isn’t just about protecting against current threats and potential problems. It’s about staying ahead of them. 

We can cater our services to your needs. Whether you need a full external IT staff or another team to support your inhouse staff, we’ll integrate seamlessly with your company. And for those located near our data center in the Dayton, Ohio area, we make onsite visits as needed. 

With DataYard at your side, you can expect a level of IT support that exceeds your needs. 

We're Here for You

LEARN MORE ABOUT OUR IT SERVICES


Basic Requirements of HIPAA Data Compliance

Security should be a high priority for any business sharing information across the internet (or any other digital network). For those who operate under HIPAA, it’s not just something you should do; it’s something you have to do by law. 

Recently, we discussed what part of HIPAA covers digital and online assets. Today, we’re going to focus on some of the basic features HIPAA requires. This is by no means a full breakdown, as that would very long, confusing, and attention shattering. 

Instead, we’ll discuss on some of the broader areas you’ll want to make sure are covered by your hosting provider and IT team. 

The goal is here is to handle PHI (protected health information) appropriately by ensuring three things: 

  1. PHI can only be viewed, edited, and shared by authorized people. 
  2. An individual must be able to access their PHI whenever they choose to. 
  3. PHI must be safeguarded against data loss. 

To do so, you’ll need the following… 

Data Encryption 

Data encryption is the first level of defense for your PHI. This ensures that data can only be accessed through the proper points of access (such as login portals). Should a person or program go around your server controls to break into your system, any data obtained will be undecipherable.  

Access Logs 

It’s important to know who accesses what data and when they access it. Also, any changes, edits, or additions must be logged. These logs will help prove that compliance has been maintained. Should problems arise, they’ll also help determine the source and what’s been affected.  

Typically, access logs should go back as far as six years. 

Automated Backup Systems 

It’s not just data breaches that you need to protect against. The loss of data can be just as damaging. HIPAA systems are required to make regular, complete backups that are fully encrypted. That way, should your system be breached or destroyed, a backup can be put in place to maintain compliance.  

Backup Power 

In order to keep information accessible, the power needs to keep running to your servers and systems at all times. Backup power is required to prevent against potential outages and ensure that PHI can always be accessed. 

System Updates 

Outdated software or hardware systems can be a common cause for both technological issues and breaches in security. Any server, network, OS, or device that’s involved in the handling of PHI must stay up to date. 

Depending on the complexity of your network, this can be quite an undertaking. 

Password Compliance 

Weak passwords are very dangerous for any system. In fact, they’re the most common causes for data breaches. In the case of HIPAA, weak passwords aren’t just a liability; they can violate policy. Organizations operating under HIPAA must have systems implemented for creating, changing, and safeguarding passwords”. 

The specifics of how you go about doing this can vary. What matters most is that you have an established system that everyone follows. 

Still, using complex passwords and changing them frequently aren’t always enough. Even when strong passwords are used and regularly changed, you can still be vulnerable to brute force attacks (programs that randomly generate characters until the right password is entered). 

To truly protect yourself, you need additional security measures in place that signal warnings and lock-out hackers before they can break your password. 

When It Comes to HIPAA, You Can’t Plead Ignorance 

Whether you understand all the specifics of HIPAA requirements or not makes little difference. You’ll be penalized all the same. Failure to comply with HIPAA rules will put you under the enforcement of the Office for Civil Rights of the Department of Health and Human Services (or OCR). 

An individual HIPAA fine can be as much as $50,000. An organization can be fined as much as $1,500,000 per violation category in a single year. On top of that, you may face civil lawsuits from people affected by any breaches or data losses. 

This is enough to crush many large companies let alone the small ones. The best protection against this happening is by leveraging the assets, knowledge, and experience of a company like DataYard. 

At DataYard, we provide dedicated cloud hosting, cybersecurity services, and colocation services that can meet the strictest areas of HIPAA compliance. We house are cloud servers in Dayton, Ohio where they are protected against outages, breaches, and data loss.  

Additionally, our IT expertise enables us to consult, advise, and directly assist you in maintain HIPAA compliance across the rest of your systems. 

Contact us today and make sure you maintain compliancy.  

We Can Keep You HIPAA Compliant

TELL US WHAT YOU NEED


What Place Does Colocation Have in a Cloud Based World?

For many companies, having their own servers has become a thing of the past. Where once, a business had to find space to place racks, run wiringprovide backup power, etc., they can now utilize someone else’s servers halfway across the world. 

Even for companies who need high-performance, extra security, and 24/monitoring, cloud hosting solutions can provide dedicated server space that keeps up with all of their demands. 

But in-between cloud servers and in-house servers, there is another option: colocation. 

Colocation is when you house your own physical server equipment in a third-party data center. You handle the purchasing and configuration of the equipment. The data center keeps it secure, powered, and cooled.  

This has proven to be a popular solution, as it frees businesses from having to store their dedicated servers in their own buildings. Advanced systems can make noise and run hot, not to mention they need backup power sourcesextra security measures, and high-speed network access. 

By placing your equipment in a data center, you can free up your own real estate and remove the responsibility of keeping your servers powered, protected, and connected. It’s a best of both worlds approach. 

However, as cloud hosting and dedicated virtual servers have grown in capabilities, many have moved away from colocation. Some have even gone as far as to say that colocation is dead. This is not true. In fact, colocation is on the rise. 

Why is that? It’s simple. Some businesses need their own equipment.  

And others just like having ownership over it. 

There are a few reasons why you may want colocation.

Specific Hardware Requirements 

Every business has different hardware, compliance, and security measures to follow. Cloud servers take a universal approach to hosting, providing more of a “one-size-fits all” solution, even if there are some options you can customize. 

With colocation, you choose every part of your setup, which means you can tailor it to your specific needs. In some cases, a company’s software and/or internal systems may require server hardware that simply isn’t popular enough to be found as an option for cloud hosting. 

Technical Knowhow 

Due to the fact that you’re purchasing and configuring your own equipment, colocation does require some advanced IT knowhow. For companies with IT workers on staff, this is great, as it allows them to setup their system exactly how they want it.  

And we know firsthand how particular IT people can be about the way things are configured. 

Ownership 

Cloud hosting, even when you’re using private or dedicate servers, is a rental service. You are paying someone to use their equipment. When you stop paying them, you lose the ability to use that equipment. They may also have specific rules regarding how you use the equipment. Some businesses are completely fine with that. 

Others prefer ownership. 

With colocation, the equipment is yours to use as you wish. If you decide to change who you’re partnering with for hosting, you can take your equipment with you. 

In Need of Colocation? 

Our Data Center in Dayton, Ohio is equipped to handle all of your server needs. Whether you want private cloud hosting, shared hosting, or space for colocation, you can expect a high quality, customer driven experience. 

Our colocation services are scalable and move-in ready. At DataYard, you’ll have 24/7/365 access, should you need it. Meanwhile, we’ll make sure your equipment stays secured, protected, and connected.  

Our Data Center is Here for You

LEARN MORE ABOUT OUR COLOCATION SERVICES


DataYard’s 2016 Internship Program – Internet of Things Kick-Off!

On June 1st DataYard officially brought on two new summer interns for a specific and pretty cool project – to explore the Internet of Things (IoT)!

The chosen ones – Owen Devine and James Kinion – will be working with us through August to design, build, and deploy mobile units which report not only their own geographic location, but a slew of environmental variables as well. While we have a vague idea of how we at DataYard might accomplish this task, the interns have been set free in a sea of low-cost devices which when used together can accomplish almost anything.

We’re makers here at DataYard, and are super excited about the future of the IoT space. We got a 3D Printer for the office last Christmas, and Eric Wright has probably burned through twenty pounds of PLA over seventeen generations of a custom-fit phone Heads Up Display for his road bike. We built our own big-screen network status and reporting display, have daily DJ battles on a Raspberry Pi3 via Airplay to the MusicBox interface, and a Retrobox Pi3 for SNES emulation is coming soon – not even mentioning the custom solutions we put in place for clients every day.

We’re hoping to support the future of the IoT movement by getting some sharp young minds playing the field – and we plan to do that while deploying additional (and mobile) environmental monitoring to our data center – stay tuned for updates on DataYard’s continuing quest to innovate and create ways to Make IT Better!

With Great Power Comes Great Responsibility

The technological landscape continues to evolve at a fantastic pace, and staying on top of it all can be challenging. In spite of the high rate of change I think there are some “timeless” lessons we’ve learned over the last two decades, lessons that will continue to be true for the foreseeable future. Here are three lessons that are part of our DNA today and are integrated in our daily thinking.

The first is that the demand for robust, high-performance Internet access and applications consistently increases. It never shrinks. Our clients today are getting much more comfortable taking their applications off-site and into the cloud, so reliable, fast, low-latency connections to the network are becoming increasingly vital to daily operations. Furthermore, our users are connecting to their data using a dizzying array of devices, applications, and APIs from a diverse number of geographic locations. This trend is only going to continue as more computing power is loaded into smartphones and tablets, and small-footprint IoT (Internet of Things) devices like Arduinos and Raspberry Pis multiply.

The second is that good data and application security cannot be an after-thought. Protecting data, and your users’ access to it, has to be an important element of the system from Day 1. Good security is not something you do once and then assume you’re done, nor is it something you bolt onto an already-built system. Good security requires processes that are enforced, systems and software that are monitored around the clock, and software updates and security patches — at least at the operating system level — for the lifespan of the application. Failing to take security seriously from the onset means that your critical systems might be exposed to potential compromise, and that critical business data might be corrupted or lost.

Thirdly, a tremendous amount of planning and care is needed to integrate new Internet services into a client’s enterprise with nearly zero downtime to the end user. This cannot be done haphazardly. It requires knowledge of a client’s working environments, their online habits, their schedules, their processes. It requires critical thinking and the judgment skills necessary to weigh competing priorities to help create installation plans that minimize negative ripple effects when new systems are brought online. It requires the ability to communicate excellently, both on a technical and an operational level. A client can’t have a positive technology experience if they don’t understand what’s going on, if they don’t know who is leading the project, or if they never know where they are in the process.

For the last few years I’ve used a line from a superhero movie to describe the importance of the role we at DataYard play on behalf of our clients: “With great power comes great responsibility.” We take the management of our entire infrastructure, and the management of individual client applications from end-to-end, very seriously. When you have the power to bring an enterprise’s technology to a screeching halt you tend to open technical doors very carefully. You only open those doors when you absolutely have to. You do it with a purpose, and you know — in advance — exactly what you’re going to do when you’re on the other side. To be careless with a client’s applications or data only invites disaster.

Nobody likes disasters, including technological disasters. Responsible technologists avoid disasters by first imagining all the things that could go wrong. Then they use their position and influence to mitigate those risks one by one through good processes, building in capacity and redundancy, and preparation prior to plan execution. To do anything less is a disservice to your users.

Open House — Under the Hood at DataYard

Open House at DataYard

On November 9, 2012, we hosted an Open House at our new facility. We called it our “Under the Hood” tour, and gave our visitors a chance to see what makes our new facility, particularly our new Data Center, tick.

Below are some select photos from the event.

openhouse2 openhouse1
openhouse3 openhouse4