Last October, Innovative Network Solutions Inc. purchased 5 Hillandale Ave., a 12,000-square-foot office building in Stamford, for $2.15 million. The 2-story property will become the headquarters for this IT consulting firm that was co-founded by Imtiaz Allie, whose company is currently in a 4,300-square-foot leased space at 2001 W. Main St. in Stamford.
In this edition of Suite Talk, Business Journal Senior Enterprise Editor Phil Hall converses with Allie on his company’s work in the cybersecurity field and the challenges facing IT professionals in today’s cyber-unfriendly environment.
When did Innovative Network Solutions begin and why did it begin?
“We started in 1997. At the time my business partner Vinny LaRocca and I saw the need for this. We were both working at Reuters and realized there were not enough IT companies available. That’s when technology was really starting to change how companies operate. We decided to do this on the side and it eventually grew into a business.”
I noticed in your marketing material you are asking companies: “Is your organization ready for 2020 for IT security?” Well, are most organizations ready for IT security this year?
“No, unfortunately not. Most businesses, especially small businesses, don’t seem to be making the investment requirement from a cybersecurity standpoint. So, when it comes to some of the basic things like changing passwords and having filtering in place — they are looking at those as a cost. Small businesses are not up to speed in being proactive in terms of cybersecurity. That is the biggest risk in IT.
“I think it is also about education. I feel the larger businesses are starting to understand the need of staying ahead with the technologies. I don’t think the smaller businesses understand the risk and what is involved. We are taking time with these customers and are educating them.”
What do you see as the biggest security risk for this year?
“The biggest risk is around ransomware and the bad actors penetrating your office environment. Every day we find out a different way of how they are accomplishing that.”
Ransomware victims come in all sizes and in all fields, from government agencies to small businesses. How do these cybercriminals decide upon their ransomware targets?
“They are targeting the environments that don’t have a standard or basic level of security in place. It’s surprising, but I feel more and more businesses and municipal governments are just now starting to understand the risk.”
Is it possible to exorcise ransomware from your computer network without paying the ransom?
“Yes. Backups are really the biggest way you can get around that. The few companies that have no way around a ransomware attack either lack the backups or their backups are internal and once they get infected, the cyberattackers also capture the backup solution. If the company is in a position where there is backup off-site and they are tracking and making sure it is completing on a daily basis, then that is the best way to get around attacks trying to encrypt data.”
When your team performs an audit of your clients’ offices, what are the key things that you look for?
“We have a checklist, but some of the major things are whether there is backup policy, if there is antivirus that is running and being updated daily and if there is some form of web filtering. After all, what is everyone doing today except surfing the web? Having a web surfing solution in place can make sure your users are not clicking on bad links.
“Less obvious on our list: What process do they have in place? Is there a process for any changes made in their IT environment? Can someone just walk up and get on a machine? Is the computer room secure? Also, where are they buying their equipment?”
Why is the source of the equipment of concern?
“It depends where you get your equipment from. It could either not be the real thing or from sellers that could inject something into the system. The bad actors are selling this stuff on eBay and could be putting malware in these devices.”
What goes into the training of your staff?
“We are not a large corporation but we try to make a real investment in our people. We incent the guys to get certifications. We pay for the certifications and reward them for passing their exams. We provide a list of certifications that we deem to be necessary for our business and the clients we support.”
Who are your clients and how do you attract new clients?
“We have teams in Houston, Boulder (Colorado) and San Francisco. We provide nationwide service but 40% to 50% of the business is in the tri-state area.
“We get new clients through referrals from our customers – word of mouth. We don’t have a marketing team. We’re working on that now, but that’s how we built the business.”