Why should small businesses partner with a MSP?


Small businesses exist in many forms in the United States and can exist as a small corner store or a medical practice. The average consumer utilizes small businesses more than they think during an average week. Over the years I have heard small business owners describe their business as insignificant, small and not worth a cyber attacker’s time. But the truth is that small businesses are more vulnerable than ever, and cyber criminals know it. 

A managed service provider has the expertise needed to help guide small businesses at a fixed monthly cost. Managed service providers have the staff needed to be able to take care of anything from desktop repair all the way up to cyber security needs. Leveraging the services of a managed service provider (MSP) provides you access to a wider range of technical skills than you would not otherwise have with internal staff. What this means to the small business owner is that someone is taking care of the businesses most vulnerable information. Managed service providers are experts in security, backups, maintenance and disaster recovery.

So why should small businesses partner with a MSP?

When a small business makes their cyber-security needs as a priority, their continued success in the community is most affected. The reputation that they have built up over the years remains intact and shows continued respect for the ever-changing way in which consumers interact with their business. There are many resources available for small business owners who cannot afford to hire full-time staff with managed service providers and partnering with the right company that can provide support for the ever-changing technology needs from the business is critical to the continued success of the business. As much as 60 percent of hacked small and medium-sized businesses go out of business after six months. A data breach for a small business can be a fatal blow and turn a once successful venture into nothing but painful distant memories.


Protecting your sensitive information from the wrong people is a major concern in the information age. That almost always, at some level, involves passwords.

You’ve seen those aggravating password policies that require certain characters, or length, or expiring every so often. Here, let’s reverse engineer what makes a good password, and determine how you can create consistently good passwords.

Ways to “hack” a password

To state the obvious, a password works if you know it. There may be additional authentication factors in a given system that verify one’s identity, but as we’re just looking at passwords, a system doesn’t care who enters the password: anyone who knows the password can authenticate with it. There are several ways the wrong people may come to know a password they shouldn’t.


This often originates via a fraudulent email, with the end goal of having the user type their actual password somewhere that allows the attacker to see or copy the password and use it themselves. They are hoping the user is either not aware of such scams or not paying attention to the warning signs (email sender, browser domain name, typos...) In my own experience, this is the most common cause of “getting hacked.”


This would be the Sherlock Holmes style of password cracking. The person trying to access the information would, usually through social engineering, learn details about their target (pet’s name, anniversary date, etc.) and try those. They are hoping their target chose something short and easy to remember. Or wrote it on a sticky note underneath their keyboard.


These lists can come from the data breaches that make headlines, or from smaller ones you never hear about, but the result is the same: actual passwords are obtained and shared. Responsibly organizations will force a password reset and notify their users as soon as they become aware of a breach, but attackers hope the victims use that same password on multiple systems and try it elsewhere.


This one lets computers do all the work. A fairly simple script cycles through either a dictionary of common passwords or every possible combination of characters until it finds one that works. The hope here is that the password is short enough that a computer can crack it in a reasonable amount of time, and they’re getting faster every day.

Bad passwords

So to mitigate all those methods, we don’t want a password to be:

  • guessable

  • reused

  • short

But it does need to be easy to remember...

Practical passwords

Personally, I have passwords to ~300 websites. That doesn’t include all the passwords I use as an IT admin. Out of those, I could only tell you what two of them are: the one for my bank, and the one for my password manager.

Password manager

Password managers remember all your passwords for you, so you don’t have to write them down. Decent ones store your passwords in a cryptographically secure way that only you can access, essentially making them “breach proof.” Good ones will work on all your devices, and can also generate long, random passwords for you, so you have no reason to reuse a password you used elsewhere. Great ones will even track all those breaches for you, so you can change any compromised passwords as soon as possible.

At Envision Design, we use and recommend 1Password for personal and business use. You can read more about this popular and secure password manager and contact us for a quote for your team.


When you do need a password you can remember, like for your password manager: use a passphrase. Pick a favorite verse from a song, or quote, or line from a book... you already have a lot of phrases memorized, so use that! For example, the passphrase:

Welcome 2 the Jungle — we’ve got fun & games!

is long, I’m the only one who knows how I chose to spell, punctuate and capitalize it, and is super easy for me to remember. (I put passphrases after password managers because many sites don’t allow for lengthy passwords with all the symbols, so you’ll still need those randomly generated strings.)

Still have questions about how to protect your personal or business information online? We offer a full array of cyber security services and products, so reach out to us to set up a quick meeting or consultation!

New Years Resolutions - 1 month down, how are we doing?

January draws to a close this week, and we are super-excited about 2019, right? At least that’s what we said a month ago; so now it’s time for a progress report. Vector check. Monthly review. Self-assessment. Call it what you want, but reviewing status is a no-brainer, especially when it comes to business goals.

Over the past month I have had many conversations with clients and interested parties regarding Envision Design’s security, data protection, backup, and recovery processes. Surprisingly, some business owners still seem to treat these aspects of protecting their businesses with a casual, “Hey, it’s good enough. I’m pretty sure there’s nothing that can go wrong, and I am fairly certain I can recover what’s needed so I can stay up and running.”

Well, maybe that’s a bit overstated - they haven’t really been THAT casual. But some responses have indicated a bigger lack of awareness. Some even seem to be the proverbial ostrich with its head in the sand. So what happened? Think of the New Years Resolution of “I am going to be serious in 2019, look into vulnerabilities and weaknesses my business has, and mitigate or even eliminate the chance of going bankrupt this year.”

Tom Sands, here - your friendly Client Relations Manager at Envision Design. Maybe it’s just the career Army guy in me, but protection is ALWAYS critical. From an outpost of 1 Soldier doing daytime duty at the front gate of “Camp Swampy,” USA, to a Corps of over 60,000 people deployed for months (or years) of combat operations - and all points in between - it always starts with security. We protect ourselves first, make sure we can communicate second, and then take care of myriad priorities of work from there.

I have found the business world to be no different. If money or information is exchanging hands, external forces seem to be ready to pounce. They want to catch a free ride; and they are looking for an easy chance to intercept some, all, or even MORE than just the transactional amount. Treasure troves have been released by simple, small vulnerabilities. Look at the Target breach of millions of customers’ data - it occurred largely because the Heating Ventilation Air Conditioning (HVAC) log-in was simple, AND it was on the same network as the financial data. I’ll bet the Target leadership did NOT have the New Years Resolution to ensure they had heightened security in 2013. That said, after the November incident, we can all be assured that their 2014 resolution included a healthy dose of security upgrades.

Heading into February, our Envision Design newsletter will hit the streets in a week. Along with it is the monthly free report, “The 7 Most Critical IT Security Protections Every Business Must Have In Place NOW To Protect Themselves From Cybercrime, Data Breaches And Hacker Attacks.” Truth be told, none of our clients are the size of Target; but we treat each one with the same level (or an even HIGHER level) of respect in terms of securing, monitoring, protecting, backing up, taking actions against threats, and preparing to recover their data. At the beginning of the 2d month of 2019 would be a perfect time to review the 7 Protections checklist. Reflect. Assess. Take action.

Our clients went into business to help people, to follow their passions, and to make money in the process. We aim to have them ALL on board when we roll into 2020, so we work hard during the day to stay ahead of threats - learning, studying, training, monitoring, watching for anomalies or intrusion - and we sleep well at night, assured that the systems are in place to make all of that happen 24-7. It’s like being in the Army, again - we are on duty all the time.

Contact us any time - email help@envisiondesign.net or or call 832-442-8588.

Ever Vigilant -  as a modification of the National Security Agency’s motto,  Envision Design is “Defending Our  Clients , Securing The Future.”   See where your business stands.  Fill out a basic 20-question checklist;   take our survey, and let us help you    bring your vision for your business    into focus.   Click the image above to visit our internal page. We will contact you to review your results.

Ever Vigilant - as a modification of the National Security Agency’s motto, Envision Design is “Defending Our Clients, Securing The Future.”

See where your business stands. Fill out a basic 20-question checklist; take our survey, and let us help you bring your vision for your business into focus.

Click the image above to visit our internal page. We will contact you to review your results.

Tech Applied - January Newsletter is available for download

TechApplied 01.2019

TechApplied 01.2019

This month’s newsletter has everything from a book recommendation for “Good to Great” by Jim Collins, to business lessons from Shark Tank’s Robert Herjavec, to a quick lesson about 5 sneaky tricks cybercriminals use to hack your network.

Click on the image to download your free copy. You can also contact us via our website and let us know if you would like to have a printed copy sent to you each month.

If you have questions about any of the IT issues discussed in the newsletter, or ANY IT issues for your business, please don’t hesitate to call or email.

Envision Design is the only certified member of the Apple Consultants Network that has been helping Houston businesses manage, monitor, and secure their technology systems for over 25 years. Whether you

…need to comply with industry mandated security requirements like HIPAA

… you want to implement a backup and disaster recover plan

… or you simply want to improve the productivity and profitability of your team,

Envision will manage all your IT needs so you can get on with the great work YOU want to do. With no long term contracts, we retain clients by providing outstanding customer service. Fluent in both Apple and Microsoft solutions, we ensure your critical data has been backed up and is protected with a disaster recovery plan in hurricane prone Houston.

Call us today today at 832.422.8588 or toll free at 1.866.966.9406 to schedule a free consultation meeting.