3 Reasons Why Business Continuity Is Not All About Backups

When people start to think about business continuity for their business, they often go straight for data backups and recovery. Questions they may ask are: is my data being backed up? Will it be safe and secure some where offsite?  What is the process to restore it all ? All of these are valid questions that should be answered by a business continuity plan, but data isn’t the only important aspect of the plan. Below we outline 3 other topics that are vital for developing and implementing your business continuity plan.

  1. Money 

    Money is the driving force in business. Without it there would be no business. If something happens to your company’s building, let’s just say your building is flooded, in the aftermath you will have an overwhelming number of things to deal with and pay for. While waiting for the building to be cleaned up, will the company close? Do you have enough money to pay expenses while you’re not taking new orders? Think payroll, vendor invoices, rent, loan payments, equipment replacement, etc. Having a plan to deal with these things and money set aside for that emergency allows you to be more prepared to pay for such an event, and will keep you operational long into the future.

  2. Prevention 

    Developing an in-depth business continuity plan covering every aspect can prevent your business from going down in the first place. Make sure that plan includes having proper IT security, proper physical maintenance of the premises, and proper maintenance of the equipment. These can help prepare your company for a disaster. If your company is prepared with a plan on what to do and how to do it, you will be able to communicate more efficiently and stop your business from having any downtime at all.

  3. Communication

    Communication to your employees, vendors, and customers about how to handle a business continuity level event is essential to making sure the company gets back up and running as fast as possible. If an event occurs, your employees need to know where they can work from, how can they work, and if they can work at all. Vendors as well as customers need to know how to get in contact with the company and continue to do business. With great communication, everyone still knows what to do, and they’re not left thinking that they should start looking elsewhere while you get back up on your feet.

Business continuity isn’t just about back-ups, money, prevention, or communication. It is about all these topics and more. Business continuity is about knowing your business well enough that it can continue to run (or even thrive) during a disaster. Since our environment is always changing, so too should your Business continuity plan. Be prepared, don’t focus on just one aspect of your plan, spend time to develop each topic fully and in depth so that you will be able to recover quickly and efficiently.

Meltdown and Spectre: What You Need To Know




What is it?

Google security researchers found a couple big new bugs.  These bugs, ominously called Meltdown and Spectre, are pretty serious.  Most security bugs are simple to fix.  The vendor just releases a software patch everything is secure again.  These bugs are actually built into the hardware of your computer (the CPU), so they are harder to secure.  That is why you’ve been seeing so much press about it lately.

The way the bugs work doesn’t really matter, but know that it is difficult to patch completely, and it can put your data at risk, such as passwords, files on your computer, and sensitive info you are working on.  If you want more technical information about what’s going on, here is a great link to read up on it: Click Here

Does this affect me?

Yes.  These bugs affect most CPU’s made since 1995.


I have a Mac.  Am I still at risk?

Yes.  Apple has confirmed their computers and mobile devices are vulnerable.

What do I do?

The good news is, all major hardware and software vendors have been working on fixes for this and they are being released presently.

  • Apple has released software patches to all their devices. So, run your normal software updater, in the App store, to download and install the latest patch.
  • Microsoft gets a little trickier. When testing their patches, they saw some antivirus programs crashing the computer.  They have told all AV companies how to fix their software, but there needs to be a coordination before everything is up to date.  What you need to do:
    1. Update your anti-virus frequently over the next couple of weeks.
    2. Check for Windows Software updates every day, until you get the security patch.

How do I know if I am patched or not?

If you are a Strive Client, ask us if your protected and we will let you know.

If not, here is an technical article on how to check to see if your system is protected: Click Here

Who is exploiting it?

Tough to tell.  Right now, there are no “known” exploits out there.  On the other hand, exploiting these vulnerabilities wouldn’t leave traces in normal logs, so there may be some hackers that keep secrets well and are exploiting them and we don’t know about it.  Bottom line: make sure you have a good antivirus system, keep it up to date, and patch your computers frequently over the next few weeks.

I’ve heard that updating this software patch will slow my computer down, is that true?

Not really.  The computers that are most affected by these changes are Servers and cloud stations that see a lot of work heavy loads.  Traditional workstations should be fine and see negligible performance loss.

5 Biggest Mistakes Businesses Make Developing a Business Continuity Plan


A business continuity plan (”BC plan”) is a plan that prevents the disruption of normal operations of a business and allows for a quick restoration of business operations.  A disaster is not just a natural disaster but can include cyber-attacks, telecom outages, unplanned IT outages, hardware failures, construction mishaps, etc. Having a BC plan in place means there will be fewer questions of what people need to do and how they need to do it when the time comes. This translates to a quicker recovery, less money lost, and less headache for you and your business. All businesses should have at least an outline of a BC plan, but many don’t, or make mistakes when creating one.  Here are 5 of the most common:

“We’re small, so we don’t need a Business Continuity Plan.”

A BC plan includes what to do with personnel, communication, technology issues, facilities, electronic payment systems, liquidity concerns, financial disbursement, and other aspects both in a short-term and long-term settings.  A BC plan can help prevent issues like loss of data or revenue in the event of a disaster and it will provide a road map for the business to recover efficiently with the least amount of downtime possible.  This is a very comprehensive plan that is created to help assist all business sizes.  Small businesses operate similarly to large businesses.  There are personnel that need to be dealt with, technology that may need to be repaired or replaced, a facility where your personnel can work, communication to those personnel and to clients that may need your services during this disaster event. The list goes on.  Just because you may be a small business, doesn’t mean that your business is less important than any other larger business.  Get prepared, stay prepared, and conquer disaster.

“We have our plan written down, we don’t need to test it.”

“No plan survives contact with the enemy, ” said (or thought) every important general throughout history.  This is what happens if you don’t test your BC plan. The enemy here is the disaster waiting to strike, and your plan–if never tested–will probably break. We have all heard stories of the company that thought they were doing backups of their information, but sadly when they needed to restore all that information, it wasn’t there—to their surprise. If they had tested it than they could have fixed the issue! To quote Singleton’s 2nd law of backups “If you aren’t testing backups than you aren’t doing backups.”

“We have a plan that focuses on our technology.”

Technology is the obvious piece that people generally consider first.  But each major function of your business must be accounted for in your BC plan.  These may include:

  • Technology: Computers, telephones, network equipment, wireless, internet access, and data backups.
  • Accounting & Payroll: How will you get your employees paid during an extended outage?  Do you have liquid capital to continue paying your debts, even if you are not taking in income?  Even if you have insurance, it may take a long time to pay out.
  • Communication: How you will get a hold of all your employees, telling them that the BC Plan is in effect?  How will you get a hold of your customers and tell them what (if anything) will change?
  • Facilities: Do you have a spare building available?  Will everyone work from home?  If so, will they be able to and do they know how?  Will you need to move or store inventory?

If you have other major areas of your business, add them to this list.

“Our data is safe, so we should be too.”

Backing up your data is not the only thing you have to worry about. Data may be all the information that a company uses, but is useless if you can’t reach that data.  All your crucial data needs to be backed up, yes, AND TESTED, but what about everything else that is required to run your business. You will need certain services to be able to communicate with key personnel and to clients: Internet, phone, email, etc.  You also may need to repair or replace any technology that you use or your facility before you can even access and start using your data. Getting these parts put into place in a timely manner is a difficult task if all you have is secured data.

“Our owner knows and understands the plan, isn’t that enough?”

This violates one key component of a BC plan: communication. Communication needs to be a two lane highway. The employees must communicate their intentions with the boss, and the boss must communicate their intentions with their employees.  If the owner is the only one that knows the BC plan, than the recovery process can become long and hectic. Employees won’t know how to do their work and the owner will have to manage every little detail. If employees know how to deploy the BC plan than the company will have a better chance of recovering fully and promptly. Communication is key to running a business, don’t let it add to the destruction, talk to your employees about your BC plan.

7 Reasons Why Medical Practices Must Modernize Faxing

When I first started working with medical clients, I was astonished that faxing was such an important technology in their day-to-day operations.  Outside of a couple contracts that needed to immediately verify a signature, I knew of very few companies that used faxing on a regular basis.

But as I got to learn the industry, I saw the benefit.  A lot of records were still on paper and it would be a waste of time to type in data before transmitting it.  Hand-writing notes and faxing letters was faster than finding a computer and typing anything up.  And–most importantly–everyone still used faxing, so everyone had to continue supporting and using faxing.   So faxing in the medical world definitely has its uses and needs, but there are some problems with it.  Below, I have listed 7 reasons why medical practices must modernize faxing, but there are many more.

7 Reasons Why Medical Practices Must Modernize Faxing

  • No verifiable chain of custodySending out a fax is somewhat like sending out a carrier pigeon.  Once you’ve sent it, you just hope it gets to the intended recipient and no one else looks at your message.  But there is no way to verify this actually true.
  • No archiving – Many practices need to archive all documentation for compliance reasons.  Yet most people aren’t archiving faxes.  They get read, maybe some of the data gets entered into the EHR, they get processed, they get thrown out (and hopefully shredded).
  • Archiving is likely unsecure – If you’re one of those few that do file away all everything, good for you!  But unless you’re scanning everything that comes through your fax machine and attaching every document into an encrypted EHR system, it is likely that at least some of your faxes are being stored in a non-secure manner available to people that shouldn’t have access.
  • Data can be pulled from fax machines – Similar to printers, many fax machines store images of faxes unencrypted on a local hard drive.  Many of these images never get deleted, even when the machine gets thrown away.
  • Anyone can see incoming faxes – Anyone walking by the fax machine can read incoming faxes, even if the “attention” line is not addressed to them.
  • Unencrypted transmission – With few exceptions, faxes are transmitted unencrypted and can be captured and read by anyone caring to listen.
  • Expensive – Traditional fax machines don’t play well with modern Voice over IP telephone systems.  This means even though you have a brand new VoIP phone, you’re probably still paying $100/mo for the telephone line, plus paper, toner, drums, machine maintenance, and machine replacements.

Fax is visual data encoded into audio signals and sent over an audible medium. It was built on a circuit-switched assumption: that the transmission would have the whole communications pathway the whole time. IP is not built to handle audio, but data. It assumes data can be broken up and reassembled perfectly. It does great with data that can be re-assembled later. It is fine for voice which our ears are trained to fill in the gaps when a fraction of a second skips. But when some small fraction of the encoded fax gets lost or reordered, it can wreak havoc on a fax. Whereas humans are built to fill in missing bits, faxes are built to fail completely and ask for a retry

Electronic Faxing – A Better Alternative

One of the major reasons most medical practices still fax is because other docs are faxing them, and require faxes be sent to them.  We’re not advocating dumping faxing altogether, but by modernizing it with electronic faxing, inter-office communication can be more secure, more reliable, and more efficient.

  • More Secure – Many electronic faxing systems have a website portal that log who has accessed which fax.  This gives a verifiable chain of custody that you can use with HIPAA auditors to prove your compliance.  Only those who are supposed to see a document get to.  They can also offer encryption for transmission and storage, and archived for the long term is usually built-in.
  • More Reliable – Fax machines are notoriously unreliable.  It is out of paper, the machine is off, the phone line is busy, someone mistypes a number, etc.  All of those problems go away with electronic faxing.
  • More Efficient – How much time in your office is wasted printing something out, standing over the fax machine, making sure an important fax goes through, calling the other side to confirm receipt, and doing it all over again when it fails?  With the ability to fax something right from an email or printer window on a computer, employees get to send out a fax and get right back to work.  The system handles all of the retries and delivery notifications.  You and your staff get to be with patients instead of dealing with too much paper.

If you are curious about a fast, secure, reliable e-fax system, please call us today.  We can handle all of your faxing needs, make it easier for you and your team, and remain HIPAA compliant the whole time.

Am I protected against Wanna Cry / Wanna Decryptor?

There has been a global ransomware attack that has struck over the last few days. It has been in the news a lot over the weekend. The New York Times has a good overview of it available here.

We have had several questions about it and wanted to create an easy place to gather all of the information.


Here are the major questions we are getting so far from clients and others.:

Q: I am a customer of Strive IT. Am I protected against Wanna Cry / Wanna Decryptor?
A: Yes. If you are on our fully managed support plan, then you are protected on multiple fronts.

Q: What is this new virus I’m hearing about?
A: It is called Wanna Cry, or Wanna Decryptor. It is ransomware, which means if you get infected, the virus encrypts your files and doesn’t give you access to them unless you pay the virus creators.

Q: Is my computer vulnerable?
A: This virus attacks a security vulnerability in the Microsoft Windows operating system.  All versions except are at risk, though there are claims that Windows 10 is safe.  This vulnerability was discovered some months ago and Microsoft released a patch in March to fix it.  If you are running Windows Update regularly, you are probably secure.  All Strive IT customers with full management plans are protected.  If you want to be sure, Microsoft has created a special page dedicated to this particular update.  Those on bill-by-the-hour plans should call us to ensure. Click here to download the update.

Q: I don’t know if all my computers are updated. Does Antivirus help?
A: If you are using Strive IT’s antivirus program, you are protected. We use Kaspersky antivirus, which is known to detect and block the virus. At this point, all the major antivirus companies have released new definition files that should protect against infection. Check with your AV vendor’s website to be sure, and open your AV and run an update to ensure you have the latest protection rules.

More Information
If you want to learn more about how to protect yourself against viruses, check out our two part blog series on this subject: Part 1, Part 2.  Also, Why Do Hackers Write Viruses might be of interest.

Getting help from us

If you are concerned about protection on your network and would like help from us, please call us at 303-963-2301 or email at contact@striveit.com.


As we learn more about this infection and have new information, it will be posted here.

May 15, 7:58 A.M.
Security researchers have found a hidden “kill switch” to this virus.  This effectively stops the virus from working.  This is great news but–like biological viruses–new strains of this ransomware have evolved without this kill switch.  If you hear about a secret website that stops the virus from working, this is true.  However, don’t trust it because it doesn’t help in all cases anymore.  Please update

How “Fast” Is My Internet?

Have you ever called up Comcast or CenturyLink and asked them, “How fast is my internet?  Because loading webpages is really slow”?

Have you ever been frustrated at the end of that conversation?

The problem is that there different ways of measuring speed, and you are not using the same metric they are.

3 Different Speed Measurements

Here is the technical bit of the article, but it’s only 4 sentences, so stick with me.

When network professionals talk about speed, it is measured in 3 different ways:

Bandwidth – The theoretical maximum amount of data that can move from point A to point B in a given period of time
Throughput – The actual amount of data moving from point A to point C in a given period of time (Yes, points C and B are different)
Latency – Time it takes to get a tiny bit of data to go from point A to point C

Can you see the problem?  They all refer to “speed,” but Comcast talks about speed in terms of bandwidth, and you talk about speed in terms of throughput.

Car Analogy

Instead of bits, points, and internet lines, let’s use a couple  transportation analogies.

Latency vs. Bandwidth

You have 8 people you want to move from Boulder to Denver and you want to know how long it will take them to get there. You have a Tesla and a minivan available to you. Clearly, the Tesla can get make the trip faster than the minivan. This is latency: the speed at which a small group of people can go from point A to point B. The latency of the Tesla is 200 MPH, the latency of the minivan is more like 85 MPH. (We’re breaking speed limit in the name of this thought experiment).e

However, the minivan can carry all 8 people at once, where the Tesla would have to take many trips, so the minivan has more “bandwidth” and can deliver all people in less overall time.  It’s not as fast on the speedometer, but it gets everyone there in a shorter period of time.

As far as technology goes, VoIP systems rely on latency.  They deliver small bits of data and it needs to get there fast to sound good.  Streaming video relies on bandwidth, because videos are large and it’s more important to get the whole thing at the same time than a little bit faster than another part.

Bandwidth vs. Throughput

To illustrate the difference between bandwidth and throughput, let’s take a different transportation example.

You are driving down US-36, a 3-lane highway with a 65MPH speed limit.  If you call the Colorado Department of Transportation, they might tell you that you that this highway can handle 500 cars per minute.  That is the “bandwidth” of the highway, the theoretical maximum number of cars that can travel along that road.

You’re calling them because you are stuck in traffic and 500 cars per minute are definitely not passing through the highway at that time.  This is “throughput,” the actual number of cars that are traveling along the road at that time.

How Fast Is My Internet?

This is why it is frustrating to call Comcast and tell ask them “how fast is my internet?” They tell you you have plenty of speed on your line, because they are talking about bandwidth.  You care about throughput, because it’s the speed you actually experience when downloading a webpage or video.

The trouble is, so many things affect throughput: your computer, your local network, your internet connection, potential troubles on the internet at large between you and the where the webpage is hosted, their hosting company, their internal network, their servers, etc.  When you call the ISP and complain about speed, they can only address 1 link in that grand chain of networks.

If you are having troubles with internet speed, it may not be as simple to fix as calling your ISP and telling them to give you more bandwidth.  There may be other problems that are causing your throughput to be diminished.  Call us for a free network evaluation if you are having troubles with your internet speeds and don’t know how to fix them.

Cyber Security for Small Businesses

Cyber Security for small businesses is one of those black giants that everyone “knows” is important, but most people don’t know what they really need to do to get it.  Many small businesses leaders think that their businesses are not at risk because they are small, unimportant, and therefore not worth hacking.

This is a dangerously false belief.

Security expert Brian Krebs recently published his Immutable Laws of Data Breaches, and they can shed light on why even SMB owners should be concerned about cyber security:

  • If you connect it to the Internet, someone will try to hack it.
  • If what you put on the Internet has value, someone will invest time and effort to steal it.
  • Even if what is stolen does not have immediate value to the thief, he can easily find buyers for it.
  • The price he secures for it will almost certainly be a tiny slice of its true worth to the victim.
  • Organizations and individuals unwilling to spend a small fraction of what those assets are worth to secure them against cybercrooks can expect to eventually be relieved of said assets.


Everyone’s network is at risk and has valuable data.  Ask yourself how much it is worth to you, not to the hackers.  What fraction of that value are you willing to invest to ensure it remains safe?


What SMB’s Should Do – 3 Steps

If you are an SMB trying to secure your own network, start with the following three steps:

  1. First, look at what you are wanting to secure ehendro. Think about physical equipment, data in all of its locations and applications, trade secrets, the network as a whole, and any other areas of concern.
  2. Next, for each of these areas, ask yourself: how would a thief gain access or steal it? You don’t have to know specific hacking techniques, general patterns are fine. For instance, data can be stolen when it is in transit (going over the internet) or at rest (stored on the hard drive). Your network can be accessed by nefarious/unwitting employees or remotely over the internet.
  3. Finally, go through each of these areas and each “attack vector” from step 2 and develop a plan for securing against each attack. If you are concerned about physical theft, add “move equipment to locked rooms” to your security plan. If you are worried about social engineering—people tricking employees into divulging information—then develop a training to inform them of the threat and put policies in place to get authorization before giving out sensitive information.

That is a good method for creating a s custom security plan for your unique environment.  You can also use the following general precautions every business should consider if they are concerned about security:

  • Have a business class firewall protecting the network. The cable or DSL modem that your ISP gave you is not sufficient.
  • Antivirus should be on all computers. This should update automatically and scan, in real time, all accessed files or devices (e.g. USB thumb drives).
  • Antimalware should be on all computers. This is similar to antivirus, but it looks for different kinds of malicious software.
  • Have a service scan and filter website traffic. This will help ensure software doesn’t make it to your computers, so AV won’t have to catch it. It can also help you block certain types of traffic, such as pornography or gambling, to keep your employees more productive.
  • Find a good email filtering service. This is not just for spam, though that is a good benefit. Most ransomware these days is transmitted through email, so make sure it is clean before it makes it to your computers.
  • Install encryption on all servers and workstations and make sure your sensitive data is stored there. This way, if something gets lost or stolen, your data is inaccessible to the thief.
  • Install physical locks protecting network equipment, servers, and any sensitive data storage devices.
  • Have Good Backups! As good as your security is, assume the thieves can get away with something.  Make sure they don’t steal the only copy.  See our series on backup and disaster recovery for more info on this.
  • Training and education. New security threats are always coming up and old ones are becoming new again. You and your employees don’t need to become security experts, but if they can be aware of what is out there, they will be in a better position to protect the company.

We would love to help you put together a cyber security strategy for your business.  If you are interested, please contact us for a free consultation!

Why Do Hackers Write Viruses?

It’s All About the Money

Everyone hates viruses.  They are annoying, slow your computer down, and don’t seem like they’re doing much.  So why do hackers write viruses?  Is it just to be annoying little punks who want to feel powerful?  There is probably some percentage of viruses that get released that way.  But most often, it’s all about money.

First: Steal the Data

The first thing virus writers think about is what data they want to steal.  This can be social security numbers, health records, email credentials, active email addresses to spam (i.e. your address book), or any other type of data.  Sometimes it’s not even data they’re stealing, it’s resources.  They can use your computer’s CPU and internet connection to mine bitcoins, launch attacks on the people they’re really after, send spam, etc.  And it doesn’t matter if you don’t have these things on your computer.  They’re usually not targeting you specifically, they just release the virus on the public hope it lands on valuable computers.

Next: Bundle the Data

If someone steals your credit card, you will cancel it.  One stolen credit card number isn’t worth very much.  But thousands of credit card numbers are worth something, because some fraction of those people won’t know their cards are stolen, and the numbers will still be good.  The same goes for email accounts, health records, spam lists, and most other easily-stolen data.

Last: Sell it to Hackers & Criminals

That’s right: Hackers are stealing your data to sell it back to other hackers.  If someone can buy a thousand social security numbers and health records for $500 per bundle, 10 of those might be good and they can create fake identities, selling them for $1000 apiece.  (I’m making up the numbers, but you get the idea.)

Or: Sell it to Users

In the case of ransomware, they aren’t selling the data to other hackers.  They steal (encrypt) your data and then sell it back to you.  If you are new to ransomware, check out our article on Cryptolocker for a description of how it works.

Recap: Why do Hackers Write Viruses?

Because they can make money.  Good spammers can make six figures per year, but they need lists of real email addresses.  CryptoLocker was thought to have made $30 million, but they need access to computers so they can encrypt users data.  Viruses are how they get this data.

What can you do about it?

  1. Get a good firewall and spam filtering service
  2. Get good antivirus and anti-malware software on your computer and update/scan regularly
  3. Keep your computer and all programs up to date
  4. Back up your data often

If you are worried about your security and how well protected you are against viruses, contact Strive for an evaluation.  We can help keep you safe, secure, and always running smoothly.

HIPAA Compliance Self-Assessment

HIPAA compliance is scary and difficult, and for small practices it can seem unreasonably burdensome.  For those businesses, we offer one of the most comprehensive HIPAA Compliance services in the industry.  Find out more about it here.

For those still in the research phase, we would like to offer you this HIPAA Compliance Self-Assessment.  This is by no means comprehensive, but it will point you in the right direction in your research. Read on to learn what you can do to become HIPAA complaint.

Security Policies and Procedures

Establish policies in order to handle and manage all security violations

  • Are your employees aware of the penalties that ensue from security violations?
  • Are internal penalties in place for employees who violate security procedures?
  • Do all your users know what to do in the event of security incidents or issues?
  • Is there a process in place to document, track, and address security issues or incidents?
  • Have you hired someone to track all security logs, reports, and records?
  • Do you have a security official in charge of a password and smart security policy?
  • Have you ever undertaken a risk analysis?


In the event of an audit, you will need to prove your compliance.

  • Have you written down your security policies and procedures for your records?
  • Do you have documentation proving you’ve trained all your employees?
  • Do you have documentation proving you performed security risk assessments (SRA’s)?
  • Where the SRA shows shortcomings, do you have a remediation plan written down?
  • Do you have copies of all Business Associate Agreements (BAA’s)?
  • Do you have an incident management plan to show the auditors?
  • Is all of your documentation updated regularly and do you keep old versions to show progress?

Access Management

Restrict access to ePHI to those who have permission to access it.

  • Do you have measures in place to authorize or supervise access to ePHI?
  • Are there processes for determining the validity of access to ePHI?
  • In the event of employee termination, is their access to ePHI blocked?

Security Awareness Training

Establish a security awareness training program for all staff.

  • Are employees regularly reminded about security concerns?
  • Do you hold meetings about the importance of password, software, and IT security?
  • Are your employees aware of the process surrounding malicious software?
  • Do you have procedures for regular review of login attempts?
  • Do those procedures check for any discrepancies or issues?
  • Have you established procedures to monitor, manage, and protect passwords?

The Worst Case Scenario

Implement a plan for the protection and use of ePHI in the event of an emergency or disaster.

  • Are there tested and revised plans in place for an emergency?
  • Have you analyzed the applications and data needed for these emergency plans?
  • In the event of a disaster (I.T.E.O.A.D.), can you make or retrieve copies of ePHI?
  • I.T.E.O.A.D… Can you restore or recover all ePHI?
  • I.T.E.O.A.D… Will your ePHI be protected?
  • I.T.E.O.A.D… Can critical ePHI related business functions be completed?


I would like to thank Harrison Depner for this HIPAA Compliance Self-Assessment, first published at Kaseya’s blog.

6 Things to Consider Before Upgrading to Windows 10

Windows 10 Upgrade Is Available

Windows 10 has been available for a year now, and Microsoft wants everyone to upgrade to it.  You may have even seen some of the “invitations” to upgrade.  They’ve been pretty pushy about it.

As with all Microsoft upgrades, this is a mixed bag.  You may want to do it, you may not.  To help in your decision, here is a list of 6 things to consider before upgrading to Windows 10.

Upgrade Considerations

  1. The upgrade is free, but only for another month.  Microsoft is offering free upgrades via Windows Update until  July 29.  After that, you will have to pay for the upgrade.
  2. The Start menu is back.  One of the biggest complaints about Windows 8 was the removal of the Start menu.  Microsoft listened to the feedback and brought it back for Windows 10.
  3. New look & feel. Some people love it for its simple and sleek look.  Some hate it, finding it over-stylized and less functional.  This shouldn’t make or break your decision, but realize it is different.
  4. Not all software & hardware is compatible. Even some newer computers were designed with components that couldn’t be used with Windows 10, or haven’t been tested yet.  So before you decide to upgrade to Windows 10, call your computer company and make sure they have up-to-date drivers for all of your PC’s components.  Also call your major software vendors and make sure their software has been tested on Windows 10.
  5. Upgrading can fail.  All of the upgrades we have seen and performed have gone smoothly and successfully.  However, we have also heard about a lot of unsuccessful attempts.  In fact, a company in Seattle just sued Microsoft–and won–for lost wages and a new computer because of a failed (and unauthorized) upgrade to their computers.
  6. The cost of upgrade problems. If the upgrade goes south, your computer(s) may be less efficient, may crash more, may become unusable, or may lose data.  It will probably go fine, but plan on a couple of days of problems, inefficiencies, and getting used to the new changes.

Our Advice

After considering all of the above, ask yourself why do you want to upgrade?  Do you need it?  If there are tangible benefits to Windows 10 that you really want now, then it is worth the risks.  Call your PC manufacturer and software vendors and make sure they all support Windows 10, then go ahead and upgrade.  If there isn’t a specific feature or set of benefits you are trying to leverage, we recommend not upgrading.  We generally recommend replacing computers every 3-5 years (click here to find out why).  And Windows 7 and 8 will be under official Microsoft support until 2020 and 2023.  This means you can upgrade to  Windows 10 safely as you replace your older machines rather than doing somewhat risky in-place upgrades on your existing production machines.


Have questions on Windows 10 upgrades or how to create a technology plan so you don’t have to worry about these kinds of things?  Call us today for a free 30 minutes telephone consultation!