Buying, Leasing, or Renting Computers: What Should Your Small Business Do?

Should You Rent, Buy, or Lease Your Company Computers

One challenging decision that new entrepreneurs or growing companies face is whether to buy, lease, or rent computers for your staff. 

It’s probably not a decision you realized you’ll need to make, but it’s an extremely important one to ensure the long-term productivity of your staff. 

In this guide, we’ll help you learn which option is right for you!

1. The Buying Option

Purchasing computers can be a big capital expenditure. In fact, it would be the highest upfront cost of the three options.  It also would give you a limited number of write-offs as a business.

On a positive note you would own the inventory and also be able to purchase extended warranty for the computers for 3-5 additional years just in case you need any parts or a complete replacement. 

Some business owners like to overlap this option, for example purchase 10 computers this year and 10 new computers next year to extend the upgrades. Typically, owners would do an image deployment of the operating system.  This involves customizing the operating system (OS), applications, drives and settings on a single computer and creating an image of it, then automatically deploying this image to all other computers. This usually saves time, effort and creates a standardization.

If this sounds like the option for you, our team can help you purchase computers at a discount and set them up. No long-term contract needed. Contact us to learn more.

“you may not realize that you’ll be required to undergo a credit check”

2.The Lease Option

Leasing computers allows you to have a lower upfront cost than option 1, but more ongoing costs. Typically leases are paid monthly or annually and you will continue paying until you have the option to purchase the machines at the end of the lease.

This option would also provide a 3rd party lease write-off as an operational expense.  Additionally, you would lease your computers from the manufacture and have their direct support. 

One thing you may not realize that you’ll be required to undergo a credit check. If you’re a new business, your company may or may not have established a credit rating yet, which could eliminate this option completely.

3.The Renting Option

Renting provides some comfort knowing that your provider is responsible for everything and the service and ongoing support will be provided to you for the term of your rental.  Renting is typically the same price as a lease option with a bit more overhead on each machine as they are loaded with all of the software, firewalls, and protection required. Additionally, this could be used as a business write off.

Renting has the additional benefit of allowing you to be nimble with your technology adoption. As your business changes, your technology requirements may change. Renting allows for a quicker change of your core systems. 

Managed Services providers like ARC typically provide access to all three options.

We hope you’ve found these tips helpful as you decide what to do. If you ever need any advice, our team is happy to help. We provide IT services for a wide variety of companies across Canada and over the last 21 years, we’ve seen it all. 

Contact us if you need a hand deciding on if buying, leasing, or renting computers is the right option for you! 

Case Study: A Firm Gets Attacked by Ransomware

Client Profile

The Organization:

Our client is an Edmonton-based design firm (for privacy reasons, we’re unable to share their name, just their story).  Their team of experienced architects specialize in many types of projects ranging from commercial retail and office, to national restaurant chains in Canada.

The Challenge:

When firm called us, they were in a full crisis mode. A hacker had installed ransomware on their company’s server and was holding their company’s data hostage. Their business was in grave peril.

"The hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data."

Some Background:

The firm called ARC Business Solutions previous to the security hack and requested an I.T. Audit.  We preformed the audit and identified the problem of an insecure firewall and provided solutions.  The firm at the time decided to hold off for the time being.  The security hacker got through the unprotected firewall and installed ransomware and encrypted the firm’s data.  The hackers held the company’s server hostage and requested ransom of $3000 worth of bitcoin.   The firm paid it in desperation and received nothing in return.

The Solution Highlight:

In situations like this, drastic measures need to be taken. ARC shut down and cut off all systems from the internet, and systematically cleansed the infection from the system. Although the situation was not ideal for the client to have all systems temporarily shut down, ARC was successful in preventing further threats. 

We isolated the server and were also able to recover valuable data and scrub the software from the database.  Lastly, the firm is now protecting against any future attacks as we have implemented security measures and modern firewalls. 

It is clear that the best way to respond to a ransomware attack is to avoid having one in the first place.  Other than that, making sure your valuable data is protected will ensure that your downtime and loss will be minimal or none. 

How to Diagnose a Phishing Email

All of us have received suspicious emails in our inbox.  Some of these messages can even fool our firewalls and anti-virus software.  It is very important that we know how to decipher these messages as a second line of defence from these security attackers.  In this post, we’ll show you what to look out for and how to protect your organization. 

Interested in a downloadable copy of this article? Click here.

An Example Of A Phishing Email:

1. Hover over from email address: John.Smith@abccompany.com

  • You can see what initially appears as an email address can be altered.  You need to hover over it to see the exact source. For example, it could actually be sent by hackeremail@differentdomain.com, rather than what it appears.
  • Ask yourself: is this email coming from a real sender?

2. Hover over the link: View project online link to see what the true URL link location is.

  • Ask yourself: is this is a trusted site?  Would the sender send me this email to direct me to another site? Is the domain trustworthy?

3. Be wary of links: “click here“, “your message is waiting“, “view project online“, these links are usually sending us to the outside world.  These links can be altered to read something other than the real link.  

4.  Main message – use common sense defensive questions: is this sender asking for money, passwords, or access, or viewing?  Would a real sender ask me this kind of message? (for example, if a phishing email is tailored well to have the Manager’s email address, would my Manager ask me to send him Bitcoins)?

How To Defend Against Phishing

  1. Spam filtering is the first line of defence. It will determine if the majority of the messages coming in are legitimate or not. If the email is well crafted it can fool spam filtering.

  2. If the email gets delivered to your inbox, then YOU are the second line of defence

    .
  3. If you mistakenly click an email or get sent to a site with malware, firewalls, anti-virus programs and a good IT team is your final defence.

If you do click on a link, a good firewall should be able to block the virus. The content would be blocked from being opened to your local machine.

Web filtering should also be enabled on your network. For example, if the link tries to take you to a website that is located in a suspicious country it should automatically be blocked.

A good Unified Threat Management (UTM) will determine if the source of the link is a good source or one that should be blocked.

It doesn’t matter if you have a very secure system in place. It only takes one untrained staff member to be fooled by a phishing attack. Make sure that both you and your staff understand the telltale signs of a phishing attempt.

How To Protect Your Business From Phishing Attacks

Download Free eBook

  • Learn what common tactics phishers use to trick employees
  • Learn what systems you can put in place to stop them before the inbox
  • Learn how you can protect your company today

Case Study: One of the Largest Theatre Companies in North America Needed More Than Managed Services

Client Profile

The Organization:

The Citadel Theatre is one of the largest not-for-profit theatres in North America, drawing over 130,000 patrons from a large geographic region. Their building features 5 performance spaces and  is home to three resident theatre companies: Catalyst TheatreRapid Fire Theatre, and Theatre Yes, in addition to creating partnerships with Edmonton theatre and dance companies, including Brian Webb Dance Co. and Firefly Theatre & Circus.

The Challenge:

When the Citadel came to us, they required much more than a typical managed services package. They needed to update the technology powering over 100 employees, implement a new network of digital signage throughout their facility, and introduce a company intranet to aid communications with staff, performers, and partners.

The Solution:

Due to the wide range of challenges the Citadel faced, we took a layered approach, rather than a one-size-fits-all solution.

Ticket Solutions – We sourced, installed, and trained the Citadel team on a new ticketing system that interfaced with website ecommerce, on-site printers, and financial systems

Staff Computers / Laptops – We provide desktop and laptop computers and service for over 100 employees 

Firewalls & Data Back-ups – We ensure employee data is secure and protected from hacking, phishing, data loss, and hardware failure

Customized Digital Signage – The Citadel team came to us with a challenge: they needed a new system of screens throughout their building to promote new performances, building announcements, and sponsor messaging. We sourced screens and developed a system to manage the screens centrally and within a user-friendly interface.

Day-to-day support – whenever a tech problem arises, our team is on site to help, day-in, day-out.

Mobile App / Light Intranet – The Citadel was looking to implement a company intranet to help communicate messages to employees, share internal events, book amenities, and coordinate company-wide news. We introduced them to our ARC Intercom system which was tailor-made to help groups of people, like organizations or communities, stay on the same page. Once they found out it could also save them thousands of dollars a year over competitive products, they jumped on board immediately!

In the ever-changing world of technology, solutions don’t always come in neat little packages. That’s why we’re here to help you find the best solution for your unique circumstances. We’re proud of our work at The Citadel, and we hope if you’re ever in Edmonton, you check out their excellent productions!

We’re here to help with your IT challenges. Contact us here and we can get started right away!

The Top IT Services Blogs to Follow in 2019

Blog - ARC Managed Services

We share our most bookmark-worthy IT blog sites for 2019

While there is no shortage of IT-related information on the web, not all that information comes from credible sources.  Yet now more than ever, business owners and other professionals need reliable, data-driven information they can trust.  This is especially true since 89 percent of companies expect their IT budgets to grow or stay steady in 2019.

Statistics like this make it clear that IT services remain in demand, and that businesses recognize the importance of remaining ahead-of-the-curve when it comes to IT-related decisions and strategies.  In fact, 85 percent of enterprise executives believe they have only two years to integrate digital initiatives before falling behind their competitors, which goes to show just how red-hot the tech market is. If you aren’t leading the pack, you’re at risk of fading to the background— a disadvantage that savvy business professionals want to avoid.  So, where can entrepreneurs and other professionals go to find the latest, most trustworthy IT information?  

We’ve decided to point you, our valued readers, in the right direction.

 

Here are the Top 5 I.T. Service Blogs To Follow In 2019:

 

1.Information Security Buzz

Information Security Buzz was an easy choice when deciding on our favourite information technology blogs. The site is a completely independent resource that focuses on all things “security”.  From the latest vendor announcements, to cyber attack updates and the latest industry research, this is a website that delivers quality content and actionable tips that business owners can implement to protect their data and systems.  We encourage you to check out their list of contributing authors, a great majority of whom have substantial experience in the IT security industry.

RECOMMENDED POST: 

 

2. I.T. World

ITWorld was created as an IT service blog where technology decision makers, business leaders, and other IT influencers could share information easily and conveniently, but it’s also an excellent place for business professionals from outside the IT industry to gain valuable insight into the latest techniques, tips, and methods.  Since the site is an online hub for IT experts who are highly proficient at what they do, readers can be sure they are getting top-notch content and information every time they visit this site— making it one of the most recommended IT blogs to follow in 2019.  As the site explains, all contributors to the site “have no other agenda except to share what they know, help you solve a problem and put context around recent news, a product announcement or the latest tech trend”.  It doesn’t get much more useful than that!

RECOMMENDED POST:

 

3. Recode – Enterprise

Recode is a technology news website that focuses on the business of Silicon Valley, and is a great place to go if you want to get the latest tips and information from some of the greatest thought leaders in the tech industry.  The enterprise section of their website, specifically, looks at the latest tech developments and focuses on how the impact these developments will impact businesses.

Contributors to Recode include Kara Swisher, who formerly co-hosted the Wall Street Journal’s “D: All Things Digital” (a major high-tech and media conference), and Peter Kafta, the former managing editor of Silicon Valley Insider.  With such noteworthy experts at the helm, there’s no question that the team at Recode knows what they’re talking about, making them a great addition to our list of information technology blogs we check daily.

RECOMMENDED POST:

 

4.MSP Business Insights

MSP Business Insights is a managed services blog where MSP business peers and MSP services vendors can provide IT marketing commentary, share tips and tricks, and discuss the latest industry trends.  The site is ran by Johannes Beekman, the Digital Marketing Director at MSP SEO Factory— a leading company providing IT marketing to businesses in the United States.

While the site is intended for MSP professionals, it is also a great place for business owners to familiarize themselves with managed services trends, and to learn more about the solutions their MSP should be bringing to the table. It truly provides an inside look at the managed services industry, and gives entrepreneurs a look at how MSPs should be engaging their clients.  After all, it’s difficult to hold your managed services provider accountable if you don’t fully grasp what they do or how they should be managing your company’s IT systems.

RECOMMENDED POST:

 

5. Laurie McCabe’s Blog

Laura McCabe has more than 25 years of experience in the IT industry to her name, and is currently co-founder and partner at SMB Group— one the world’s most reputable technology industry research, analysis and consulting firms.  Her blog is dedicated to the small-to-medium-sized business market, and discusses all the latest trends and developments that SMB entrepreneurs should be aware of.  McCabe likes to jam-pack her articles with straight-forward, easy-to-digest tips, and always provides her knowledgeable perspective, ensuring her readers get a no-nonsense version of the latest, most relevant tech topics.  Without a doubt, this is one of the most valuable IT blogs to follow in 2019, and one that we advise clients and professional contacts to browse regularly.

    RECOMMENDED POST:

We hope you find the resources as helpful as we do.  And, of course, if you haven’t already, we encourage you to read more of our blog posts on the ARC Business Solutions website.

 

The Dangers of Ransomware (And the Potential Ramifications for Your Business)

Blog - ARC Managed Services

Detect, remove, and prevent ransomware attacks with the help of trained IT professionals

For many business owners, the term “ransomware” isn’t a familiar one. But when you mention computer viruses, the connection is often made, and the associated consequences are understood.  As more and more IT systems become increasingly integrated into business operations, the potential threats and downfalls of these systems become of greater concern.

At ARC Business Solutions, we know that many entrepreneurs do not have the time, interest, or know-how to combat ransomware attacks or other malicious software issues. That’s why we offer managed services for our valued clients, monitoring their IT infrastructure and keeping their data secure.  But even if an entrepreneur has solicited the help of a professional and knowledgeable IT company, there are some basic methods of protecting against ransomware that they (and every business owner) should know.

In this blog post, we’ll be covering some of the most common missteps that make companies susceptible to malicious software, and sharing our recommended strategies to stop ransomware from jeopardizing your business.  Let’s get started!

 

What is Ransomware And What Does It Do?

 

Ransomware is a type of malicious software that does exactly what it sounds like: uses encryption to hold your data for ransom. Essentially, the software will prevent you from being able to access your much-needed data, extorting you for money with the promise of restoring your access if you pay up.  Typically, the creators of this kind of malicious software disguise their malware, making ransomware appear as a program, app, or media file that you want to install on your computer.  Unfortunately, once you have clicked the “install”, “save”, or “download” button, you are immediately at risk, and the ransomware will begin to infect your device.

 

What Are The Ricks Associated With A Ransomeware Attack? 

 

There are several ways that ransomware can negatively impact your business. Some of the most common disturbances include:

1. Infiltration Of Databases, Back-Ups, And Drives

One of the most worrisome impacts of a ransomware attack is the fact that they are developed to be highly sophisticated, and they can access just about anything that is connected to your computer or electronic device.  From cloud-based storage systems like Dropbox, to hard drives and removable storage systems like USB drives – if access is available via your computer, the malware can worm its way in and compromise any files that are saved via that particular system. This means that files can be corrupted, altered, or deleted, leaving your business scrambling to restore your documents and other important files, while simultaneously trying to prevent the malicious software from spreading further.

 

2. Loss of Access To Computer Systems

This is an especially concerning problem. Many business owners aren’t aware that a specific form of malicious software, referred to as locker ransomware, can actually shut down your entire computer operating system, preventing you from logging in at all.  Since it is absolutely not beneficial for any business owner to be completely barred from their computer, this particular consequence drives home the importance of ransomware protection unlike any other.

 

3. Financial Loss To Repair Compromised Systems

When a company’s IT systems have been infected with malware, it’s almost always guaranteed to cost them money.  In fact, in 2017, the average cost of a data breach in North America was $1.3 million for enterprises and $117,000 for small and medium-sized businesses.  That’s easily enough money to cause major interruptions in a business, and potentially derail the future success of a company.

These costs come from a range of services that must be completed to rectify the damages of an attack, including:

  • Replacing infected devices
  • Recovery of proprietary data (if possible)
  • Loss of production due to IT systems being down
  • Damage to brand and reputation
  • Potential loss of clients
  • Potential legal fines

And more.

 

What Should I Do to Protect My Business Against A Ransomware Attack?

 

Being proactive is the most advantageous thing you can do to stop ransomware from wreaking havoc on your company.  It’s crucial that you take the time to do a threat and risk assessment to identify weak points in your IT systems.   If you do not have the manpower internally to conduct these assessments, we encourage you to consider trusting our highly-trained IT professionals.

At ARC Business Solutions, we offer unmatched security services, meaning your systems will be backed up regularly, monitored for potential threats, consistently upgraded to ensure maximum protection, and thoroughly inspected to ensure all components are set up securely.  If protecting against ransomware is a priority for you, and you’re looking for a hands-off experience with trained experts you can trust, our managed services division is an ideal option for keeping your IT systems safe.

Lastly, if you suspect a computer or device within your company has been compromised, isolate that device as quickly as possible. Completely disconnect it from other devices, go offline, and document the ransom note by taking a photo of it with your smartphone, or simply jot down any details you can remember.  From there, it is recommended that you contact an IT company or experienced IT professional so you can identify exactly what type of ransomware you have been infected with, and determine the best course of action for combating it. 

 

What You Need to Know About The PIPEDA Privacy Law

PIPEDA

Learn about maintaining PIPEDA compliance and protecting your business from potential threats

The Personal Information Protection and Electronic Documents Act (PIPEDA) was established by the Government of Canada in an effort to safeguard the collection, use or disclosure of personal information during the course of a commercial activity. Or, in layman’s terms, it’s legislation that stipulates how businesses must handle the personal information of the people who interact with their company.  Its core purpose is to protect Canadian citizens from security breaches, placing the onus on businesses to properly manage the personal information they control.

 

Why PIPEDA Matters

In today’s world, businesses and organizations of all sizes, from all industries, rely on computerized data systems to manage information about their clients and the people they serve.  With so much information being shared via the world wide web, the importance of data protection and confidentiality has never been more apparent.  In fact, 87 percent of Canadian companies suffer at least one successful breach per year (of varying severity), and 47 percent of breaches result in sensitive data being stolen

When these security breaches occur, not only is the personal information of a company’s client base compromised, but their business could be subject to an audit by the Office of the Privacy Commissioner of Canada. In some instances, if it is found that a business has failed to meet PIPEDA requirements, the case can be sent to Federal Court, where a business can be ordered to publicly disclose their failure to comply, or even be ordered to pay damages of up to $100,000 per violation.

 

What Businesses Can Do To Protect Themselves And Their Clients

Now that we’ve discussed why data privacy is important, you need to know how to shield your company and your customers from a potential security breach.  Here are some simple steps business owners can take to ensure PIPEDA compliance and protect information within their company:

 

1. Develop And Implement A Security Policy

If you are an operating business, you should already have a security policy in place. But if you don’t, now is the time to get started. 

When brainstorming and creating your security policy, be sure to consider the following:

  • What physical measures can I take to protect personal information within my company? 
  • What technological tools can I use to protect the personal information my business has access to?
  • What organizational controls can I implement to safeguard personal information within my company?

Ask for feedback from your employees regarding your security policy, and dedicate time to identifying any loopholes or weak spots in your plan.  Then, ensure that all members of your team are aware of your security policy and are trained to follow the procedures meticulously.

 

2. Grant Access On A Need-To-Know Basis Only

This is by far one of the best ways to safeguard information within your business and ensure you are maintaining PIPEDA compliance.  Often, employees gain access to documents they don’t necessarily require access to, or employers intend to only provide access for a certain period of time, but forget to eliminate access after the given time period has passed.  

In some cases, former employees aren’t removed from specific programs or accounts, or current employees become complacent, using less-than-ideal passwords than can easily be hacked.  Whatever the case, developing clear and concise procedures for granting access to information is always recommended. These procedures should be followed rigorously, with the same protocols being followed each time access is granted or removed.

 

3. Assemble A Security Committee And Review Policies Regularly

The more time and manpower you dedicate to upholding your security policy, the less likely a violation will be.  Staying abreast of any updates or amendments to PIPEDA is also recommended. We advise checking the official blog of the Office of the Privacy Commissioner regularly for all the latest news.

Sometimes, the best offense is a good defense. For this reason, it’s advantageous to remain vigilant about data protection and to dedicate time to understanding the protection act.   The more knowledgeable and proactive you are, the more resilient your business will be.

 

When To Seek Managed I.T. Services

Sometimes, business owners simply do not have enough time to monitor their security as closely as they’d like, and that’s okay! Depending on the size of your business, the number of employees you manage, and how involved you are in day-to-day operations, it may be best to reach out to a company that offers managed services— like our team at ARC Business Solutions.

The benefits of hiring an IT company to oversee the security of your information include:

  • Peace of mind knowing your IT services provider will provide on-going, real-time monitoring of any potential threats
  • Being able to rely on professionals to enhance your security structures and implement preventative measures
  • The ability to trust your IT services provider to act as a gatekeeper, overseeing who has access to what within your organization
  • Quicker resolutions to security issues
  • Ongoing support and staff training (when required)

At ARC Business Solutions, our managed services team are trained and qualified to provide strategic and tactical security support, protecting you from cyber attacks and eliminating risks.  Remember, 80 percent of SMB owners recognize that today’s cybersecurity solutions have to go beyond basic antivirus, anti-malware and firewall solutions.  If you are one of the business owners who understands the need for increased cyber security measures, but needs assistance implementing a strategy that works, ARC Business Solutions could be the right fit for you.