Home Sections Archive by category Technology

Technology

Technology

Into the Breach

Cybersecurity experts say there’s still plenty of misunderstanding when it comes to the reality of data threats. For example, it’s not just big companies being attacked — these days, everyone is a target, and data thieves are becoming more subtle and savvy with their methods. That means companies need to be more vigilant — but it also means career opportunities abound in a field that desperately needs more young talent.

Everyone knows what cybersecurity is. Fewer know what people who work in the field actually do — and how much they earn.

And that’s a problem, Tom Loper said, when it comes to drawing young talent into a field that desperately needs it — and will need it for many years to come, as the breadth and complexity of data threats continue to evolve.

“That’s why we need to start with the high-school students,” said Loper, associate provost and dean of the School of Science and Management at Bay Path University. “They don’t really understand cybersecurity, and that’s a big problem because we have this incredible shortage of folks qualified to work in cybersecurity.”

Bay Path is doing its part, he said, not only with two undergraduate programs in the field and a graduate program in cybersecurity management, but by actively promoting those tracks to incoming students with undecided majors.

“We allow them to take cyber courses that first semester just to try it out, and the whole faculty is steering them toward it because the pay is so good in this field. Most of the ones who take it, believe it or not, they stay in that field,” he said, noting that about 90 students are currently enrolled in the three programs. “That’s a pretty good number for a small school like this. Now, we’re trying to get more high-school students to understand.”

“Companies are becoming more savvy. They’re asking, ‘how protected am I?’ The word’s getting out there, but unfortunately, it’s getting out because someone hears that a friend or another company got attacked.”

Loper said Bay Path’s programs are tailored specifically to the requirements of various cybersecurity careers, so students can get entry-level jobs immediately and go on to earn whatever further industry certifications they may need. “We have graduates making $60,000 to $80,000 coming out of school with these degrees. And if they get some experience before graduation, they’re worth even more.”

Tom Loper said cybersecurity is a complex challenge best tackled from a region-wide, ‘ecosystem’ perspective.

To that end, Bay Path recently won a grant from the Mass Cyber Center at MassTech to support internship and workforce experiences for students. That’s just one aspect, he said, of the way the region can build a cybersecurity hub from what he calls an “ecosystem perspective,” one that encompasses high-school and college students, workforce-development programs, government agencies, and business sectors where cybersecurity is important. These days, that’s most of them.

“Companies are becoming more savvy,” said Mark Jardim, lead engineer at CMD Technology Group in East Longmeadow. “They’re asking, ‘how protected am I?’ The word’s getting out there, but unfortunately, it’s getting out because someone hears that a friend or another company got attacked. But they are calling us and saying, ‘how can we be more protected?’”

Chris Rivers, vice president of Phillips Insurance in Chicopee, agreed that more companies are coming around to the threat potential.

“It sometimes depends on whether they’ve had an incident or a near miss,” he said, adding that, while people may hear news reports about data breaches at large companies, no business of any size is totally immune.

In fact, “smaller businesses tend to have less security, and sometimes it’s easier for hackers to get in there, taking credit-card information or any type of information, really. Think of a law office, and the risk of private information being taken and used against clients.

“Things we’ve preached over the years still hold true — they just keep changing the vector of attack. And the damage to smaller companies is more significant because they often don’t have the resources to deal with it, and it’s painful.”

“If you have a breach and data is stolen,” Rivers added, “it can get pretty costly.”

Data security has become a primary form of business insurance at all commercial agencies, but a policy to recover damages, even a comprehensive one, isn’t enough; the long-term brand damage, Rivers noted, is much harder to quantify. “Once your reputation is gone, it’s gone.”

The fact that businesses are catching on to this reality, combined with high-tech advances that will making defending against cybercrime more challenging, has created significant opportunities in what promises to be one of the most important career fields over the next decade.

Human Nature

Charlie Christianson, president of CMD and its sister company, Peritus Security, said data breaches cost companies $11.5 billion in 2019. And the threats come in many forms.

“Things we’ve preached over the years still hold true — they just keep changing the vector of attack,” he told BusinessWest. “And the damage to smaller companies is more significant because they often don’t have the resources to deal with it, and it’s painful.”

The human element to data breaches is still prominent, as e-mail phishing schemes remain the number-one way cybercriminals gain access to networks. These often arrive with URLs that are very close to a legitimate address. More importantly, phishers are ever-honing their ability to replicate the tone, language, and content of the supposed sender.

“They look incredibly realistic,” Christianson said. “A week doesn’t go by where we don’t get one and say, ‘wow, this looks good.’ For people who don’t live it every day, it can be very easy to fall into the trap. The trick is to just stop and think about it before you click on it.”

These attacks are more specific and targeted in the past, he went on, but they’re not the only way data thieves are getting in. Another is through employees’ personal devices, which don’t typically boast the security features of a large corporate system.

“Devices are hit and used to launch an attack, or they’re infected and brought into a secure environment. What’s on that device can get into the corporate network and spread,” he explained, which is why many companies have tightened up their BYOD (bring your own device) policies.

“That’s slowing down as businesses are becoming aware of the risk,” Jardim added. “We’re actually seeing a trend of slowing down the bring-your-own-device idea in the workforce; companies are saying, ‘maybe we shouldn’t do that because attackers are using those vulnerabilities.’”

The trend known as the internet of things, or IoT, poses new threats as well, Christianson said.

“When people think about securing their network, they think about their computers, their servers, their tablets, things like that. But they don’t think about the SimpliSafe security system or the time clock that hangs on the wall or the voice-over-IP phone system they use every day. You have all these devices that aren’t being maintained — they just let them run.”

He knows of one company that was attacked through its security-camera system, and said segmenting networks is one way to minimize such a threat. “That shouldn’t be on same network as your finances.”

The defenses against breach attempts are myriad, from password portals and multi-factor verification of online accounts to geoblocking traffic coming from overseas.

“A lot can be done with training,” Christianson said. “The most important thing you have in your business is your people, and educating people how to act and what to do when they see something — to make your staff savvy — is one of the most beneficial things you can do.”

Mark Jardim (left) and Charlie Christianson say cybercrime is constantly evolving, and so must the strategies businesses employ to prevent it.

It’s definitely a challenge, Jardim added. “We have to protect every single door and window, we have to be right 100% of the time, and a hacker just needs to find one vulnerability.”

Cultivating an Ecosystem

That list of threats and defenses — which only skims the surface — drives home the need for a more robust cybersecurity workforce, Loper said.

“We believe you have to take a regional approach to cybersecurity,” he noted. “We don’t believe you can just think of yourself as island unto yourself. Whether you’re a big organization or a small organization, you’re part of the supply chain, and there are opportunities for breaches. Everyone is connected.”

Boosting workforce-development programs is one spoke on the wheel. “It needs more attention. At one point, we didn’t have enough tool and die makers. The Commonwealth got behind it, and now we have enough. Something like that is going to happen in the high schools, and across this region, where we’re retraining people to work in this space just because there are so many opportunities.”

“The most important thing you have in your business is your people, and educating people how to act and what to do when they see something — to make your staff savvy — is one of the most beneficial things you can do.”

One plan is to develop a ‘cyber range,’ which is a simulated IT environment that emulates the IT structure of businesses, Loper explained. “We can bring people into the cyber range and help them deal with threats to a simulated environment.”

All these strategies are running headlong into the rise, in the very near future, of 5G wireless connectivity, which will dramatically increase data speed — and perhaps security threats as well.

“The threat we have now is going to go on steroids with 5G and with IoT,” Loper said. “The opportunties for business development will be greater than ever, and the opportunities for penetration will be greater than ever as well. It’s amazing what’s happening with 5G — it’s mostly good, but pretty darn challenging.”

Those threats provide business for commercial insurers, and that coverage is important, Rivers said, but businesses have to think about their own common-sense defenses as well.

“As we do renewals or reach out to clients, we try to bring out what policies are available to them to protect them from different things,” he noted. “It’s easy for us to recommend everything, but there’s a cost, so we try to inform them what’s out there so they can make decisions — ‘do I want this? Do I want that?’”

Rivers cited a statistic from Philadelphia Insurance Companies, which reports that the average cost of a data breach is $204 per lost record, with more than half of such costs attributable to lost customers and the associated public-relations expenses to rebuild an organization’s reputation.

“It’s one thing to take the data out, but when your brand is affected because you’ve had this incredible breach, that’s something else,” Loper added. “Your brand is what people think it is; it’s not what you think it is, like in the old days. Now, just look on social media, and that tells you what your brand is. Cybersecurity is one of those things that, if not done properly, can undermine your brand so quickly.”

In the end, Jardim said, the idea is to minimize risk.

“I always joke, the most secure machine is one that’s shut off in a locked room, but you have to find a balance,” he said — one that employs measures from simple common sense to choosing the right firewall.

“We see clients who have $5 million businesses buying a $100 firewall from Staples. You’re not going to protect your infrastructrure with that. You need the right equipment for your size. You need professional stuff for your business — you can’t use the same equipment you buy for your house for your business.”

“Well, you can,” Christianson added quickly, noting just one more way people might take a limited view of cybersecurity threats — and come to regret it.

Joseph Bednar can be reached at [email protected]

Technology

Air Apparent

By Sean Hogan

Small businesses have been drawn to VoIP technology because of the substantial cost savings they gain when making the switch. However, as VoIP has continued to evolve over the years and moved into the ‘cloud,’ small businesses have begun to leverage VoIP in new ways to gain competitive advantages in their respective industries.

The growth of virtual companies and remote workforces has brought everyone to the same playing field, and customers across every industry are looking to work with credible, prestigious, large companies. Here are some ways in which cloud voice can make your business look bigger than it is today.

Your office just got a receptionist you don’t have to pay for. Cloud-based phone systems today include features that completely eliminate the need for a receptionist. Systems can be configured in order to route calls directly to the intended employee via a unified auto-attendant. Also, if your office doesn’t have a receptionist, systems can distribute incoming calls among specific groups.

This goes beyond simply sending sales calls to salespeople and admin calls to support employees. For example, you can use caller ID to send specific accounts directly to the CEO’s cell phone. Or if none of the salespeople answer an incoming call, it goes to the sales manager’s cell phone.

Sean Hogan

“Small businesses have begun to leverage VoIP in new ways to gain competitive advantages in their respective industries.”

Unlimited locations, one office number. With the rampant growth of startups and virtual companies, many businesses need to have a communications system that supports both in-house and remote workers while maintaining a professional image across the board. With cloud voice, calls to the main office can be sent out anywhere simply by asking the customer to dial an extension, just like how large corporations are doing.

Seamless conference calls and lightning-fast voicemails. Conference calls or online meetings are often a source of frustration for most companies. Cloud voice solutions enable businesses to host conferences during meetings so you can be face to face, even when you can’t be in the same location.

Furthermore, all technology is hosted through a single solution, so when it’s time to host a meeting, businesses can rest assured that the technology will perform as promised. Another way in which cloud voice accelerates collaboration is through its ability to convert voicemails into MP3 files, which can be sent as e-mail attachments. Additionally, voice calls can be converted to text and vice versa for easier retrieval and communication.

Collaborate on the fly. Today’s employees need to be constantly connected. Collaboration can’t always be planned out in advance, and when a good idea strikes, everyone needs to be in the loop. Cloud technology has made it easy for employees to see from their desktop what their co-workers are doing and how to best access them (e.g. instant message, voice, or e-mail) so communication can happen immediately.

There are many advantages to moving a company to cloud voice. For small business, the rewards are plentiful because they can utilize the same technology as large enterprises for a fraction of the cost and make them look just as big.

Sean Hogan is president of Hogan Technology.

Technology

High-tech Harvest

Vice President Paul Whalley

From its humble beginnings in a Southwick basement 40 years ago, Whalley Computer Associates has become a technology company with remarkable reach, providing a host of services to more than 3,000 business clients, ranking WCA in the top one-tenth of 1% of all computer resellers by sales volume. That growth has come through constant evolution in response to industry needs and trends, but also simply by making life easier for clients, who increasingly demand no-fuss solutions to their network needs.

Paul Whalley knows his company might have a larger brand presence in a larger city.

“Our biggest challenge, marketing-wise, is being in Western Mass. — because you know what they think of us in Eastern Mass.,” he said. “And then we’re in a town called Southwick, and if you look up Southwick, you see a farming community, and the name of the company is a family name. So I think people have an image of my brother and me with pitchforks, milking the cows in the morning and feeding the chickens when we get home, and maybe selling one or two computers.

“But that perception isn’t what people get when they walk through here,” he quickly added, and for good reason.

Out of its 62,500-square-foot headquarters in Southwick — it also maintains facilities in Westfield, Milford, and Providence, R.I. — Whalley Computer Associates (WCA) has grown to be the 175th-largest computer solution provider in North America. That’s among more than 200,000 such companies, placing Whalley squarely in the top one-tenth of 1%.

What started as a software-consulting firm is now an original equipment manufacturer (OEM), building computers and other devices for 25 brands, a few of them major national names. In so doing, WCA is the largest reseller of Lenovo products in the U.S. and has been the top reseller for Dell in the Northeast many years.

“I think people have an image of my brother and me with pitchforks, milking the cows in the morning and feeding the chickens when we get home, and maybe selling one or two computers. But that perception isn’t what people get when they walk through here.”

Initially, the firm served customers mostly based in Massachusetts and Connecticut. However, in the past decade, it has expanded its range, providing technology products and services across all of New England and Upstate New York.

It’s not easy to pin down what WCA does in a few words. Early in its history, it focused on imaging and configuration, delivery and deployment, and maintenance and repair. But today, services include pre-sales consultation, system design and implementation, infrastructure, data storage and management, client and server virtualization, disaster recovery and business continuance, VoIP, wireless cloud computing and cloud infrastructure services, server, storage, and network health checks — and more.

The company provides services to more than 250 school systems, 50 colleges, and 3,000 businesses, while continually expanding its range of offerings as the technology world continually evolves.

“It’s the full life cycle,” said Whalley, WCA’s vice president. “We’re consulting on what they should buy, selling them what they should buy, preparing what they bought, delivering what they bought, taking care of what they bought, managing what they bought — perhaps even remotely — and then, at the end of its life, gathering it back and disposing of it or returning it to the leasing company or giving it to a school, whatever the customer wants.”

Up from the Basement

Like many high-tech success stories, WCA grew from humble beginnings. As a part-time programming consultant in the Agawam school system in the 1970’s, math teacher John Whalley — Paul’s brother — purchased a small software-consulting firm. Working after school and during the summer from his Southwick basement, he built a small customer base.

Then, in 1979, incorporating his experience teaching his students programming on the school’s new computer, he started Whalley Computer Associates. He moved to new quarters in Southwick twice, all the while trying to convince his brother to come on board.

Paul started helping out part-time, and in 1985, they both dove in full-time, with John (still the company’s president) leaving his teaching job and Paul resigning from his position as a programmer at MassMutual, in the process becoming WCA’s fourth employee. The acquisition of customers such as Northeast Utilities, United Technologies, General Electric, and Cigna helped drive the company’s rapid growth.

Dean LeClerc says WCA’s engineering training lab helps keep the team on top of current technology.

That growth necessitated several moves in Southwick, from John Whalley’s cellar to a former hair salon, to a 1,500-square-foot office, to an 18,000-square-foot building on Route 202, to the current headquarters on Whalley Way, in the industrial-park section of town, built in 1999.

Through all that growth, Whalley said, the idea has always been to make life easier for customers. For example, the Southwick facility has hundreds of linear feet of ‘bench space’ where computers and other devices are not only built, but tested by connecting directly with the client’s network.

“The benefit for the customer is they can just walk to the desk, unplug the old one, plug in the new one, and walk away. Otherwise, they’d have to go the desk and spend 15 minutes with the product and get it fully configured on their network. It’s much more efficient and cost-effective, and allows them to work on more strategic things. Their IT staff doesn’t really want to be doing this. They’re certified at a pretty high level and want to be doing more challenging things.”

Dean LeClerc, director of Engineering, pointed out one bench that was being used to test Chromebooks headed to a Holyoke school.

“They leave here as if it had already been brought to Holyoke and connected with their network and tested,” he explained. “So they’re opening a box they already know works on their network.”

LeClerc added that Whalley can even set up each device for the individual student who will be using it, and a WCA representative will often visit sites to hand them out to specific users.

Early in BusinessWest’s recent visit, LeClerc showed off one of the facility’s newer features, an engineering training lab outfitted with WCA’s most commonly sold storage devices, switches, and servers — a half-million-dollar investment in making sure the engineering team stays on top of technology.

“Our engineers are doing it for the second, third, or fourth time before they’re getting to a customer’s environment,” he explained. “They’re not doing it for the first time at a customer’s live environment.”

In addition, if a customer is in a bind with equipment going down that could affect the flow of business, the lab might loan a piece of equipment for a day or a week to get the customer up and running again immediately instead of having to wait for shipment of a new product.

“If you listen to anybody in technology, they’ll tell you the majority of problems come when people aren’t being vigilant and open e-mails they shouldn’t be opening.”

“So we try to balance it,” he said. “This is our lab for our engineers, but if we have a couple extra pieces of equipment that we know we can bring out to get a customer back up and running, we can do that.”

Safe and Secure

WCA has evolved in other ways as well, Whalley said, mostly in response to changing industry needs and trends. Take security, for example, in the form of building security, surveillance cameras, access-control cards, and other products and services.

“We weren’t even thinking about that stuff 10 years ago, but it’s becoming a bigger piece of our business now,” he said, adding that WCA has a contract with the Commonwealth of Massachusetts as an ITC71 vendor for security systems.

Cybersecurity is another growing niche, he noted. “We’ll do assessments, look at the network, and help them prevent someone from attacking them. Even the biggest companies get attacked. We’ll build up a robust system with a lot of redundancy so if something does happen, whether it’s ransomware or malware or a virus, they experience no — or very little — downtime.”

He recalled two incidents, one involving a customer of WCA’s managed services, who had invested in a needs analysis and network cybersecurity protection and monitoring. “Within seconds of a ransom attack, we shut everything down, isolating the problem to one desktop, and brought the whole network back up, so they were down for only minutes, and then worked on clearing out that one bad desktop where the ransomware came in.”

Meanwhile, another local company, not a customer of those managed services, got attacked, and it took three weeks and 100 hours of engineering time to get it back up and running, Whalley noted.

“One computer down for an hour, versus the entire network down for three weeks. One did the preparation and the engineering ahead of time to have a robust defense of their system, and because it was monitored at the point, we immediately knew there was a problem and could quarantine it and get the rest of the company working again. That’s the power of having the combination of the managed-service group and Dean’s engineers.”

WCA also sends a trainer to conduct security-awareness trainings for clients, because so many breaches result from human mistakes, he noted.

“If you listen to anybody in technology, they’ll tell you the majority of problems come when people aren’t being vigilant and open e-mails they shouldn’t be opening. So we offer a very affordable service, coming into a company and going through a two-hour presentation on how to stay out of trouble and how not to make those mistakes that put your company in jeopardy.”

Staying atop such trends and others is critical, which is why WCA presents the annual Foxwoods Technology Show, the biggest technology event in the region solely for IT professionals. Every year, it attracts more than 1,000 attendees, including 300 representatives from 60 different manufacturers.

“We’re in an industry where you either change or you die,” Whalley told BusinessWest. “Everything’s moving so fast now. You either change and embrace the change — and try to lead the change — or you go out of business.”

Growth Pattern

In a business market where 80% of computer companies fail in less than five years, WCA employs more than 150 computer professionals and continues to grow its client base. It’s not exactly a small company, but tries to maintain a small-firm spirit, through events like monthly breakfasts, lunches, and birthday parties, as well as kickoffs of baseball and football season, where employees wear their favorite teams’ jerseys. Just this month, employees gathered to celebrate WCA’s best September ever.

“We pride ourselves on being a family business,” Whalley said, with the concept of family extending beyond the company’s founders, reflecting a general spirit of camaraderie in Southwick as well as the other sites.

At the same time, its work is serious business — and a long way from milking cows and feeding chickens.

“Our challenge is to stay as ahead of the curve as we can, but provide the stability and assurance to our customers that we’re not just jumping onto the new shiny penny and abandoning our core business,” LeClerc said. “We’re large enough that we can afford to do that. We have enough resources to stay ahead of the curve but still deliver traditional services to our customers until they’re ready for a change.”

Whalley agreed. “We try not to jump around from one thing to the other; we just try to add additional capabilities and continue to be exceptional at the legacy of services and products that we provide.”

Joseph Bednar can be reached at [email protected]

Technology

Bit by Bit

From left: Patrick Fortunato, business development manager; Jitu Changela, CEO; and Marc Solomon, director of Operations. 

While growing his business and keeping his employees busy at all times is Jitu Changela’s primary goal, his mission in business is to keep his clients’ employees busy and help those companies grow.

He and his team at the IT solutions company Azaya believe this is one of the best ways to measure success in this highly competitive, still-evolving field. Indeed, companies can’t grow and prosper, and their employees can’t be highly productive, if their IT systems are down. Or if the equipment is old and obsolete. Or if a business isn’t making the most of its investments in IT.

Azaya, a 25-year-old managed-service provider based in Palmer and founded by Changela, helps clients maximize their IT systems and ensure they are reliable and sustainable, thus enabling employees to work better and smarter. It does this through a philosophy of putting the client first and continually learning from each customer experience.

“You can never know everything; we’re always learning,” said Changela, leader of this six-person tech company that provides essential technology components and service to many different types of businesses. “The best way we keep up with what’s happening in this industry is by having a variety of different clients. They’re all from different industries, so working with each one of those clients in a different industry forces us to look at all the different hardware and software solutions that are out there.” 

The company’s overarching goal is to become what a provider must be in this changing industry — a one-stop shop. And it is well on its way to becoming just that.

The company offers something it calls eZ Virtual IT, which creates a team of IT professionals available at a client’s disposal and capable of handling a variety of services, including customized systems, security, website hosting, data protection, and server system setup and maintenance.

It also provides eZ Voice, a complete solution to business phone-line needs, and eZ Projects, help with specific IT projects, which, as Changela puts it, enables the company to “audition” for the client for future partnerships.

“With our model of one fixed cost, we’re there as many times as we need to be without it being any extra expense to them. Being able to be preventive solves a lot of their problems before they become problems.”

But the company’s ongoing success and continued growth is due not only to what it provides clients, but also how — specifically a fixed-cost model that is somewhat unique in the industry and provides a number of benefits for clients.

“That’s our core focus today, providing fixed-cost services,” Changela said, adding that most companies still charge hourly rates. “What we do is very unique; it’s a win-win partnership. Clients pay us a fixed cost, and our goal is to make sure we maintain their infrastructure at a very high level.” 

Overall, the company preaches to its clients to be proactive, or preventive, and not reactive, when it comes to technology, investing in it and ultimately making the most of it, said Marc Solomon, Azaya’s Director of Operations, and the fixed-cost system helps them do just that.

For this issue and its focus on technology, BusinessWest talked with the team at Azaya — that word means ‘shelter, refuge, and support’ in Sanskrit — as it celebrates 25 years in business and looks ahead to what the future can bring for this forward-looking company.

Tech Talk

Before looking forward, though, Changela first flashed back a quarter-century or so to when the internet was young and he was looking for work.

With a strong background in electrical engineering, he knew he wanted to do something computer- or electronics-related but was unemployed and couldn’t find a job. That’s when he decided to make his own luck. 

“I just decided that I had some experience in purchasing high-level computer equipment, and I found clients that needed stuff like that,” he told BusinessWest. “At that time, the internet was very new, so they had to go through some channel to get the high-level computer equipment, and I had the source.” 

So, he provided that equipment to them. Then, the fledgling venture grew from what is called “reselling” to the next phase, which focused on providing a variety of needed services to local clients. 

 “We then became internet service providers in town here in Palmer,” Changela said, adding that the company continued evolving into a multi-layered IT solutions provider. 

Solomon joined the team after an internship while he was attending Southern New Hampshire University. He graduated with a bachelor’s degree in computer science, and has been with the company for three years. 

“I’ve always been interested in technology,” he said. “After I graduated, Jitu brought me on board and has really shown me the ropes of the managed-service-provider industry.” 

 More recently, Azaya added Patrick Fortunato as its Business Development Manager to lead the sales of IT managed-services support, digital and VoIP business telephone systems, and cutting-edge security surveillance technologies, and he has plenty of experience in the technology industry. 

“I used to replace telex machines with fax machines,” he said with a laugh, adding that technology has certainly evolved even more since then, and all three men emphasized the importance of keeping up with the changing times. 

This means finding ways to stand out within a deep and talented pool of competitors, bringing more services to a wider array of customers.

Indeed, Changela said he realized years ago that Comcast was going to take over some of Azaya’s internet business, so the company knew it had to change something up. That’s when it evolved from being an Internet service provider to a managed-service provider,

And one that features what it calls a guaranteed network uptime policy — essentially a promise to keep clients up and running all the time. 

 “It’s all about being preventive over being reactive,” Solomon said. “A lot of times, with billable hours, which is the other side of the coin of fixed cost, it’s difficult to be preventive when you’re working on a limited source of hours. With our model of one fixed cost, we’re there as many times as we need to be without it being any extra expense to them. Being able to be preventive solves a lot of their problems before they become problems.”

“Downtime is obviously not cost-effective. It costs a lot of money when employees cannot work. We want to work smart, not hard, and they want to see their network up and running all the time. Everybody is winning at that point.”

This policy, said Changela said, puts pressure on Azaya as a vendor and partner, but ensures that each party involved is happy.

“Downtime is obviously not cost-effective. It costs a lot of money when employees cannot work,” he said. “We want to work smart, not hard, and they want to see their network up and running all the time. Everybody is winning at that point.”

Overall, Azaya focuses on efficiency and security, bringing the technological support a business needs for greater effectiveness to internal business processes. Changela also says they customize services based on what the business needs, and guides companies through the process. 

This is what the team’s leaders mean when they say the company works in partnership with its clients, another key to its success.

 “We’re constantly talking to our clients and trying to figure out what technology they can utilize to best serve their needs,” he said. “We have to do some research and figure out what’s out there that can help them.”

 For Adaptas Solutions, for example, a phone system that could handle all its needs throughout multiple offices was something it lacked. Azaya installed the Cisco BE6000 in five of its locations, giving Adaptas the ability to connect all its locations seamlessly, providing the phones, servers, and phone lines all throughout the entire operation, creating a one-stop solution.

Bottom Line

While this model seems to be working well for the tech company, Changela says the team has big plans for where they want to be in the future. 

“Our biggest goal is to become that one-stop-shop,” he told BusinessWest. “Anything that is connected to the network, whether it’s printers, cameras, security cameras, or phone systems … we should be involved in it.”

Fortunato said the future of technology is related to security and speed, and Solomon added that becoming a specialty leader in multiple industries is also at the top of Azaya’s list. 

“We have clients from architects to veterinarians, so our range is quite large,” he said. “To be able to pick a vertical and become the dominant leader in that vertical is something that is on the business plan. We want to be viewed as equals in the industry, against the companies that have a little more exposure.”

Changela added that one main thing that separates Azaya from competitors is the culture of the company, with a focus on honesty and integrity. 

“It’s not always about making money, it’s about helping our clients become successful,” he said. “And at the end of the day, if they’re successful, we’ll make money anyways.”

Kayla Ebner can be reached at [email protected]

Technology

Mom Tech

Many people assume that working from home is less productive than spending time in the office. However, the opposite is oftentimes true. This is especially true now that technology allows for quick and easy communication between home and office, giving employees, especially moms, the ability to work efficiently from home while maintaining a healthy work-life balance.

When Tiffany Appleton looks back on raising her now-19-year-old daughter, she remembers how difficult it was to have a full-time job on top of the 24-hour job called parenting. As a single parent, she really didn’t have a choice whether to go to work or not — she had to find a way to balance the two.

And she did — but she also realizes how much easier that might have been in today’s world, where technology allows employees to work from home productively and sustain a healthy work-life balance.

Appleton, recruiter and director of the accounting and finance division at Johnson & Hill Staffing, finds more and more people are working from home, and sees benefits for both the employee and the employer.

“I’ve interviewed many people who have had a work-from-home schedule, and usually they say that they end up working more than they would if they were in the office,” she explained, adding that it is oftentimes easier to be productive at home than working in an office environment, with the myriad distractions found there.

“I think much of this desire for having flexibility to work remotely came from moms who wanted to have their hands in balancing both the career and raising a family, and not having to feel like they could only do one or the other.”

In fact, the work-from-home population has grown by 159% since 2005, and the number of employers offering a remote option has grown by 40% in the past five years. The start of this fairly new trend, Appleton said, can be attributed to the moms.

“I think much of this desire for having flexibility to work remotely came from moms who wanted to have their hands in balancing both the career and raising a family, and not having to feel like they could only do one or the other,” she said.

Mary Shea, vice president of digital strategy at GCAi, can attest to this. She’s a new mom of a 4½-month-old boy. She commutes from Sturbridge but works from home on Mondays and Fridays, a schedule she says took some getting used to but now allows her use her time more productively while helping her maintain a healthy lifestyle. Her position at GCAi includes building and managing ad campaigns for her clients, a job she says she can do very well remotely.

Between her long commute and having a new baby boy, Mary Shea says working from home twice a week makes a huge difference in her life.

“Most of the time, I don’t have to be in the office,” Shea told BusinessWest. “I’ve set it up where Mondays and Fridays are my set schedule. Those are the days I’ll work on things that I know are online, and then, the other three days, I come into the office or go on location for a video shoot.”

Working from home saves Shea three hours a day that would otherwise be spent in a car — time she spends either working more, grocery shopping, or fitting in some exercise. And she never feels disconnected from the company, knowing her team back in the Springfield office is only a phone call away.

“Technology today has enabled parents, particularly moms like me, to work remotely,” she said, adding that hard and soft technology like the cloud-based project-management system GCAi uses and applications on her phone make this possible. “Being able to work remotely in the situation I’m in now is pretty vital because it’s just such a busy week.”

Barriers to Success

Shea isn’t the only mom, or employee in general, who feels this way. Karen Buell, vice president of Operations at Payveris and mother of two, has been working from home three days a week for eight years.

“Some women are pushing off having a family or they’re choosing between a career and having a family. For me, I can choose both,” she said, adding that being part of a tech company makes this a pretty easy thing to do.

Tiffany Appleton says Western Mass. businesses are adopting work-from-home policies slower than bigger cities, but it is still becoming more normal in the area.

In fact, Buell says about a third of the employees at Payveris are 100% remote.

But for some employers, this can be a difficult thing to embrace. Appleton says the negative stigma that surrounds those who work from home can sometimes prevent employers from making the jump.

“I’ve found, in Western Mass., we’re a little slower to adopt it than the cities are,” she said. “Sometimes employers get scared by work-life balance and think, ‘that means people don’t want to work, they just want to have a life and pretend they’re working.’ They just assume the worst.”

This negative perception is one of the things Buell experienced in her early work-from-home days, with people telling her she’d have a hard time being visible or ever being promoted. Despite the lingering stereotype, she was promoted at Payveris just a couple months ago.

“It doesn’t hold you back. If you’re there and you’re showing up and being productive, you can do anything,” she said. “It’s not about where you are, it’s about how productive you can be.”

Another challenging aspect about working from home is maintaining a connection with those who are at the office. Both Appleton and Shea agreed this responsibility lies largely with the employee, but also the cooperation of co-workers to maintain connectivity.

“Keeping the culture of the office is probably the most important thing the employer can do when having people who are not in the office all the time — finding ways to make sure that they are included, even if they’re not there in person,” Appleton said.

This may even include something as simple as telling a co-worker not to bring a lunch tomorrow because the office is ordering pizza or letting them know that so-and-so down the hall got engaged.

“Those are the things that usually irk people,” she continued. “Making sure there are ways to include the people when they’re not there — and being very conscious to include them and make them feel like they are part of the team — is important.”

Karen Buell says employers would benefit from seeing the upside of remote work instead of focusing on the negatives.

Technology makes all this especially simple. Appleton says more and more employers are investing in the kinds of technology that can be accessed remotely, such as Freedcamp, a collaborative project-management system that GCAi uses for everyday business and communication.

Win-win Situation

With increasingly adaptive technology that allows employees to do things like videoconferencing and sending documents through group-sharing software within seconds, disconnectedness is becoming less and less of a problem.

“Taking the next step to make sure the tools you’re investing in for the office have those abilities for people to work from anywhere is crucial,” Appleton said.

When she thinks about becoming a working parent 19 years ago, she realizes how helpful modern technology would have been when her daughter was home sick from school and she had to take the day off from work. Or on a snow day, when it wouldn’t have been necessary to get in the car and drive to the office to be productive.

“It’s nice now that you can do everything you need to do from home,” she said. “I think it’s good for the employees and the employers at the end of the day.”

Kayla Ebner can be reached at [email protected]m

Technology

Baiting the Hook

By Jenna Finn

Vade Secure, a global leader in predictive e-mail defense, recently published the results of its Phishers’ Favorites report for the second quarter of 2019. According to the report, which ranks the 25 most impersonated brands in phishing attacks, Microsoft was by far the top target for the fifth straight quarter. There was also a significant uptick in Facebook phishing, as the social-media giant moved up to the third spot on the list as a result of a staggering 176% year-over-year growth in phishing URLs.

The report was developed by analyzing the number of unique phishing URLs detected by Vade Secure. Leveraging data from more than 600 million protected mailboxes worldwide, Vade’s machine-learning algorithms identify the brand being impersonated as part of its real-time analysis of the URL and page content.

“Cybercriminals are more sophisticated than ever.”

Microsoft has ranked number one on the Phishers’ Favorites list every quarter since the official rankings were first released early in 2018. In the most recent quarter, Vade’s AI engine detected 20,217 unique Microsoft phishing URLs, for an average of more than 222 per day. This represents a 15.5% year-over-year increase compared to the second quarter of 2018.

Microsoft phishing has become a potential goldmine thanks to the growth of Office 365, which boasts more than 180 million active monthly business users. Office 365 is increasingly the heart of companies, providing the essential services (e-mail, chat, document management, project management, etc.) that businesses depend on to run. Each set of Office 365 credentials provides a single entry point not just to the entire platform but the entire business, allowing cybercriminals to launch insider attacks targeting anyone in the organization in just one step.

Meanwhile, Facebook phishing has been on a tear throughout 2019 and advanced one spot up to number three in the most recent quarter thanks to a 175.8% increase in phishing URLs. One explanation for this rise in popularity could be the prevalence of social sign-on using Facebook accounts, a feature called Facebook Login. This is particularly attractive to cybercriminals because they’ll be able to see what other apps the user has authorized via social sign-on, and potentially compromise those accounts as well.

The rest of the most-impersonated brands on the Phishers’ Favorites report include PayPal (number 2), Netflix (4), Bank of America (5), Apple (6), CIBC (7), Amazon (8), DHL (9), and DocuSign (10). Amazon phishing URLs saw a massive spike in the second quarter of 2019, growing 182.6% over the first quarter and 411.5% year over year. This coincides with reports of a new Amazon phishing kit in May, as well as the lead up to Prime Day 2019.

In terms of the most impersonated industries, cloud companies took the top spot for the fifth straight quarter with 37.6%, followed by financial services (33.1%), social media (15.6%), e-commerce/logistics (7.7%), and internet/telecommunications (5.2%).

A large majority of phishing (80%) took place on weekdays, while Tuesdays and Wednesdays were the most popular days for cybercriminals to take their shot.

“Cybercriminals are more sophisticated than ever, and the ways they target corporate and consumer e-mail users continued to evolve in Q2,” said Adrien Gendre, chief solution architect at Vade Secure. “Microsoft Office 365 phishing is the gateway to massive amounts of corporate data, while gaining access to a consumer’s Facebook log-in information could compromise much of their personal, sensitive information. The fact that we saw such a significant volume in impersonations of these two brands, along with the coinciding new methods of attack, means that virtually all e-mail users and organizations need to be on heightened alert.”

Jenna Finn is an account manager with Vade Secure.

Technology

Pipeline to Progress

When the Massachusetts Clean Energy Center released a study last fall examining potential locations for water-technology demonstration centers in Massachusetts — thus raising the Bay State’s profile and potential in the increasingly critical field of water supply, treatment, and sustainability — UMass Amherst was a natural choice, because it’s been making connections between water research and industry for some time. A host of key stakeholders believe it can become even more so in the decades to come.

Talk to experts in the broad realm of water technology innovation, and it doesn’t take long for Israel to come up, at least in terms of government investment.

It’s not exactly by choice.

“There are countries facing severe water issues right now,” said Loren Walker, director of the Office of Research Development at UMass Amherst. “Israel is the world leader in terms of state-led efforts to purify water — because they have to. They have a real water-constraint situation there.”

But several entities in the Bay State — from the university to the Massachusetts Clean Energy Center (MassCEC) to a host of industry players, both established companies and startups — are intrigued by the potential to make Massachusetts an international leader in water innovation as well. And they’ve got plenty of progress to build on already.

“It’s obviously a big area — there’s a water crisis around the country, around the world, and it will be more critical as the years go on, so there’s a need to innovate ways to treat water, both wastewater and surface water,” Walker told BusinessWest.

“It’s an active area of university research, an active area of industrial research,” he went on, “but there’s a gap between the kind of research the universities do — federally funded, more basic or fundamental — and technologies being developed by industry that they can ultimately commercialize and sell. There’s a gap between that fundamental research and the later applied research where you’re prototyping, scaling up, and seeing what technologies really work — and that’s where you need a pilot site. You need a way to go from fundamental laboratory research to commercial-scale research.”

UMass could be that site, he said.

Loren Walker

Loren Walker says the Amherst Wastewater Treatment plant provides UMass researchers and partnering companies a flow of wastewater on which to test new technologies.

Last fall, MassCEC released a comprehensive study that evaluates the technical and financial feasibility of three potential water-technology demonstration centers across Massachusetts, including one at UMass Amherst. Such centers, proponents say, could offer a test bed to pilot new water technologies and position Massachusetts as a global leader in the water-innovation and energy-efficiency sector, providing significant business and employment opportunities.

Rick Sullivan, president of the Western Mass. Economic Development Council, said one of the EDC’s goals is to help identify and develop sectors where Massachusetts could become a center of excellence. Back when he served as secretary of Energy and Environmental Affairs under then-Gov. Deval Patrick, he and the governor traveled to several locations, including Israel, to learn about water innovation, recognizing this was an issue of growing international concern.

“Water is just a really big issue, and becoming more important every day,” Sullivan said. “So we started asking, ‘can Massachusetts actually play in this water cluster?’ The short answer is, yes we can — because it’s already a multi-billion-dollar business in the Commonwealth.”

“It’s obviously a big area — there’s a water crisis around the country, around the world, and it will be more critical as the years go on.”

That figure includes everything from delivery systems to public-works projects; from filtering, purifying, and clarifying water to security of freshwater sources like the Quabbin Reservoir, he noted. “So it’s a bigger field than I think a lot of people realize.”

UMass Amherst has long been involved in water research. Then, in 2016, a $4.1 million grant from the U.S. Environmental Protection Agency — on the heels of a state earmark of $1.5 million from the state Department of Environmental Protection for water innovation — helped launch one of only two national research centers (the other is in Boulder, Colo.) focused on testing and demonstrating cutting-edge technologies for drinking-water systems.

All things considered, Sullivan said, UMass Amherst is an ideal spot to develop a demonstration center. A conference last October, called “Innovations and Opportunities in Water Technologies,” brought together the business and startup community, area municipal leaders who spoke about challenges to current water and wastewater systems, and UMass experts who detailed some of the cutting-edge work already being done on campus.

“At the end of the day, all of those panels and all the discussion and information kind of led back to reinforcing the idea that this is a really smart investment for the Commonwealth,” Sullivan said, noting that the investment to create the three centers was approved as part of the state’s 2014 environmental bond bill, but has not yet been appropriated in the state budget.

“When you talk to the companies that are in the innovation sector, one of the biggest needs they have is to be able to take their product and demonstrate that it works in real life — and to be able to do that not just in a lab, but out there in the real world,” he continued. “UMass has the ability to provide that infrastructure with some investment from the Commonwealth.”

In the Flow

The MassCEC study analyzed the technical and financial feasibility of three potential water-technology demonstration centers around the state: the so-called Wastewater Pilot Plant at UMass Amherst, the Massachusetts Alternative Septic System Test Center in Barnstable, and the Massachusetts Water Resources Authority’s Deer Island Treatment Plant in Boston Harbor.

Establishing this network could create jobs, lower energy costs, and optimize municipal operations in addition to supporting water-technology research, the study noted. A test-bed network could serve existing Massachusetts-based water technology companies, help attract new companies to the Commonwealth, advance new solutions to both local and global water challenges, and provide a strong foundation for innovation.

Key to UMass Amherst’s feasibility as a demonstration center is the fact that it already acts as a pilot site for industry — albeit on a limited basis — because of its access to flowing streams of municipal wastewater at the Amherst Wastewater Treatment Plant, located next to the university’s Water Energy Technology (WET) Center.

“You need flowing streams of municipal wastewater and surface water; you need to have access to this to test your filtration membrane or electrochemical treatment technologies, whatever they may be,” Walker said.

“Those facilities are few and far between,” he added. “But we happen to have one of just a couple facilities in the country that have some of the key attributes necessary to do some of this pilot testing — access to flowing wastewater and flowing surface-water streams, proximity to a research university, and access to stakeholders and end users.”

The issue, he said, is size and scale.

Rick Sullivan says Massachusetts can be a major player in the water cluster and, in many ways, already is.

Rick Sullivan says Massachusetts can be a major player in the water cluster and, in many ways, already is.

“We have the fundamental key attributes needed to make this kind of pilot facility, but we’re limited,” he went on. “We have bays now and already have companies using the facility to do their own research and scale up. It’s already an active space for research and development collaborations — but it gets filled up very quickly, so we would love to expand it, see even more companies come in and use this space, both established companies as well as new startups.”

The center was established in the 1970s and ran as a research pilot site for decades, but fell into disrepair in the late 1990s, he explained. Since its grant-funded renovation in 2016 as a research and collaboration space, it has hosted numerous industrial collaborators. “But it’s limited how many projects can happen in parallel. So there’s a case to be made for investing in infrastructure improvements, expansion, and modernization, do more projects in parallel.”

As an example of the kind of research being done there, Walker brought up ultrafiltration membranes — nanoscale membranes that can remove contaminants when water is forced through. One problem is that the membranes tend to get fouled up by materials in the water and eventually don’t work so well, and have to be replaced regularly, which is costly.

But Jessica Schiffman, an associate professor of Chemical Engineering at UMass Amherst, recently received a National Science Foundation grant to study the use of naturally occurring biopolymers that can be used as a nanofiber’s mat to prevent fouling in these ultrafiltration membranes, he explained. “Then you have a membrane that lasts longer and is more valuable, more efficient, and processes water more effectively.”

Then there are startups like Aclarity, whose CEO, Julie Bliss Mullen, presented at the fall conference. Her company specializes in electrochemical advanced oxidation, which is essentially using electricity to decontaminate water.

“Our faculty and students are looking for real-world problems to tackle. We’re on the research side of the equation, but the real world informs what gets done here.”

“Then there are companies developing their own technologies we don’t even know about,” Walker said. “When they get to the stage where they’ve tested it at the lab scale and they know it works at that scale, they still can’t sell it; they can’t turn it into a technology and market it to anyone until they’ve tested it at the municipal scale, and that’s where a facility like the WET Center comes in.

“We already know there’s interest here, and we have more interest than we can serve presently,” he went on. “And we’re hoping we can find ways to expand and renovate the facility so we can meet that interest.”

It’s not just companies that benefit, he added. “Our faculty and students are looking for real-world problems to tackle. We’re on the research side of the equation, but the real world informs what gets done here. So it’s a very fruitful partnership, to have our basic researchers working with companies, and companies hopefully getting some value out of the investigations we can lead, and we get a lot of value from the questions they ask, which informs the research we do here at the university.”

Current Events

One end result of all this innovation and connection, Sullivan said, is a real economic-development boost in a field that promises to become more critical over the next several decades.

“Companies these days are looking for direct ties to the university for two reasons: one, the students are graduating and they need the talent, and they also want to tie back to the research and development that’s occurring with the grad students and professors and other staff, so they can stay on the cutting edge,” he told BusinessWest.

The test-bed potential, to have a site big enough to accommodate real-life testing for more companies, only enhances that potential, he added, noting that it’s only one way UMass is leading the way in connecting scientific research with real economic development, with the core facilities at the Institute for Applied Life Sciences being another.

“It’s such a resource and economic opportunity for the region,” he said of the university as a whole, “and I think a lot of people don’t understand and appreciate the potential it has and the importance it has.”

Walker was quick to add that the state and region have been taking the water-technology issue seriously for some time. For example, the New England Water Innovation Network is a nonprofit trade group that examines the water cluster in Massachusetts — companies developing water-purification technologies, university researchers at UMass and other universities, and industry — and connects those dots to help foster collaboration and innovation that will develop technologies, attract companies interested in developing these technologies, and hopefully create more jobs and an economic boost, all while attacking a major global problem.

“So there’s a need, and it’s likely only going to grow,” he said. “UMass Amherst is going to help develop some of the solutions to solve that problem and, hopefully, in the process of doing so, create some economic opportunity for Massachusetts and Western Mass. in particular.”

While UMass is ahead of the curve, Walker noted, this isn’t an unknown area for innovation potential, and other states, like Georgia, are currently looking to develop similar pilot-scale and commercial-scale projects.

“Right now we’re in a good place. We have a lot of interest, and we have a lot of expertise here, but I think that, going forward, we’ll see a lot more competition from other states and other regions that want to get in on this game. But to be successful, you have to have combination of physical infrastructure, stakeholder relations, and, critically, the expertise. That means having experts at the university level, which we have in spades here.”

David Reckhow is one of the more prominent of that group. The director of the Water Innovation Network for Sustainable Small Systems at UMass Amherst, he has traveled to Israel, Singapore, and other places to learn about global water needs and the innovation occurring worldwide to meet those needs.

“They talk about water being the next oil,” Reckhow told BusinessWest in December 2014. “We’re running out of quality water. There’s plenty of water on the planet, but most of it is not usable; the water in the ocean is not usable, or, at least, it’s very expensive to use. So, as we move forward, there’s going to be more conflict over existing high-quality water sources. We have seen it in the Middle East for a long time, but it’s going to be more widespread. It’s an issue of national security around the world.”

The intervening years have only made it more of one. And UMass Amherst has the potential, Walker said, to be a national center for water innovation that will benefit the region, but also attract players from across the U.S., both industry and academic collaborators.

“I do think it’s new enough of a cluster that it’s just starting to get some real recognition of its importance,” Sullivan said. “I think there’s a real opportunity for Western Mass., and UMass in particular, to play a role here.”

Joseph Bednar can be reached at [email protected]

Technology

Attack the Problem

By Sean Hogan

Over the course of my time as a business owner, I’ve been asked many times, ‘what keeps you up at night?’

In the early days, I would have said ‘payroll, employees, and sales,’ and maybe not necessarily in that order. Today my answer would be ‘cybersecurity.’

As things have advanced in technology, the web, connectivity, and social media, we have created an easy avenue to our data. Our exposure to hacking is one port away on your firewall, and in some cases, someone may have already breached that firewall.

Security practices in the past do not hold up to complex hacking attacks that are constantly barraging the internet. It used to be adequate to have complex passwords and updated computers with all the patches and security updates. The hackers have concentrated on the lowest-cost and easiest way to infect your computers.

Sean Hogan

Sean Hogan

In most cases, it’s a phishing attack. Phishing attacks are e-mails disguised as a reputable company with a clickable link or some embedded malware. The cyberthieves send out thousands of these attacks and lie in wait until some innocent victim opens the e-mail and clicks on the link or attachment. The malicious robot servers automatically churn out these e-mails, and before they know it, their device and network are infected.

Many of these attacks are designed to install ransomware or access all your critical data. The ransomware will lock down the machine and encrypt your data. They will contact you and request bitcoin to then release your data. Some hackers will pull your data, including contacts and personal information, and post or sell your data to the dark web.

Hacking has evolved greatly within the past few years. In the early days, we would receive a letter from the Nigerian prince, looking to transfer $7 million to you just for good measure. Modern-day hacks and phishing e-mails are very complex; they quite often mimic FedEx, UPS, and customer e-mails so you are more prone to click on the bait.

“As things have advanced in technology, the web, connectivity, and social media we have created an easy avenue to our data. Our exposure to hacking is one port away on your firewall and in some cases, they may have already breached that firewall.”

The most successful program to prevent phishing attacks is training. There are several services that offer security-awareness training (SAT). When you sign up for this type of training, you will be taught what to look for in phishing e-mails and how to respond. The SAT will also include a ‘fake attack’ so you can measure the results at your business and use it as a teaching aid to prevent against future attacks.

Businesses need to embrace a cybersecurity strategy. There are three categories to cybersecurity: Protect, detect, and respond.

Protect

Ask yourself, do you lock your car? Do you lock your front door? Think of your connection (router) as your front door to the web.

Securing this device is the first step in preventing hackers from getting in. Not only should you have the best-in-class router, you also need to maintain the patches and security updates, so the unit does not fall to the constant attacks from the internet.

Beyond the firewall, you need to secure your ethernet switches and your wireless access points. Access points are an easy target for rogue hackers; they often log into a weakly secured access point, and once they have entered, they can navigate your entire network.

Most often, malicious attacks are delivered via e-mail. Logically, it is critical to have very updated anti-spam software, as well as antivirus and malware protection.

It is also critical to have current backups; best practices recommend a full on-site backup with a virtual cloud backup. It is crucial to know that your backups are tested; if you are backing up corrupted data, then your backups are useless.

Detect

Early detection can save lots of time and potential loss of data. Most breaches are not detected for more than 100 days after the breach. Once you detect a breach, you can contain and react to that breach. This begs the obvious question: how can you detect a breach?

There are several ways to go about detecting a breach within your system. First is to engage in a dark-web monitoring service. These services have ‘crawlers’ that are constantly scanning the dark web. They will scan your company and your personal information. When they find your data on the dark web, the service will alert you and let you know what that information is and where it came from, but don’t get your hopes up; you cannot remove your information once it is on the dark web. For instance, LinkedIn was breached more than 10 years ago, and if you had a LinkedIn account in that time frame, your username and password are available on the dark web.

Respond

It’s not a matter of if, but when you are a victim of a cyberattack. Rapid response to a breach or infection is critical, and the faster you respond, the faster it will reduce your exposure. In some cases, you will need a support team to assist in cleansing machines, loading backups, and scanning your network.

The proactive approach is to engage a security operations center. This is a team of security professionals that will monitor your network and device. In the case of an infection or breach, the team will jump into recovery mode and secure your data.

Bottom Line

Above all, it’s important to stress that cybersecurity is more of a culture than a service. Cyberattacks cannot be prevented, but they can be avoided by having the proper procedures and training. Cybersecurity requires awareness and the ability to eliminate your personal and company exposure. All the tools in the world won’t prevent someone from clicking on malware in an e-mail. It is important for a company to have a stable cybersecurity policy and program in place.

Don’t wait until you are hacked to implement a cybersecurity prevention and awareness program.

Sean Hogan is president of Hogan Technology, a full-service managed IT, structured cabling, and cloud-services provider; (413) 779-0079.

Technology

Blasting Off

A team from Feeding Hills gets ready to put their robot to the test.

A team from Feeding Hills gets ready to put their robot to the test.

Seeing a group of middle-schoolers design, build, and program robots that perform specific, detailed tasks on cue is an impressive sight. But the impact of the FIRST LEGO League, which boasts teams in numerous schools throughout Western Mass., goes far beyond engineering training. It’s also teaching young people communication skills, teamwork, and confidence — all key traits to take into whatever career they choose, whether in the STEM fields or not.

As the robotic rover methodically navigated a landscape of obstacles, it relied on its programming to perform any number of tasks, from extracting core samples to angling a solar array to crossing a crater. If the programming — honed over months of diligent trial and error — failed, so did the robot.

That’s OK, though — this wasn’t a billion-dollar piece of outer-space equipment at stake, but a robot built from LEGO Mindstorm parts, and performing tasks on a colorful, space-themed table. And these weren’t astronauts or NASA engineers performing experiments, but area elementary and middle-school students showing off their prowess at the recent FIRST LEGO League Into Orbit Challenge at Western New England University.

Three dozen teams of students from Agawam, Brookfield, Chicopee, Greenfield, Holyoke, Longmeadow, Northampton, South Hadley, Springfield, West Springfield, Westhampton, and Wilbraham took part in the competition, reflecting a surge in growth for school-based robotics programs.

“It’s more than just the robots. Yes, the engineering is important — the math and the physics behind it — but more important than that is the teamwork, the critical-thinking skills, and the communication skills the kids develop.”

After competing head to head with each other, seven of those teams advanced to a statewide competition in Worcester a week later, and from there, the top teams moved on to championship events this spring.

“It’s all about taking your classroom lessons — the math, the science — and applying them in a real-world situation,” said Dana Henry, a senior mentor for the regional FIRST (For Inspiration and Recognition of Science and Technology) program, who first connected students with robotics in Agawam 18 years ago.

“It’s more than just the robots,” he told BusinessWest. “Yes, the engineering is important — the math and the physics behind it — but more important than that is the teamwork, the critical-thinking skills, and the communication skills the kids develop.”

The FIRST LEGO League challenges kids to think like scientists and engineers. During this year’s space-themed season, teams choose real-world problems to solve and then build, test, and program an autonomous robot using LEGO Mindstorms technology to solve a set of missions.

Last months’s event, the Agawam Qualifier, is in its 11th year, moving to WNEU this season after outgrowing its previous space at Agawam Junior High School, Henry noted.

Dana Henry says FIRST LEGO League competitors are applying classroom lessons to real-world problems, and gaining a raft of skills while doing so.

Dana Henry says FIRST LEGO League competitors are applying classroom lessons to real-world problems, and gaining a raft of skills while doing so.

“We have four programs in Agawam, and we help other teams, at other school systems in the area, get up and running,” Henry said of his role with FIRST. “Western New England came in with the facility and some resources, and they are working with a couple of local teams themselves. It’s been a pretty great ride so far.”

Suleyman Demirhan, a science teacher at Hampden Charter School of Science in Chicopee who oversees that school’s robotics club, explained that the faculty coach’s role is to teach students the basics of building and programming the robot — and researching issues as they arise — but it’s important for students to learn how to accomplish their goals with minimal hand-holding.

“They learn a specific topic for their project, and how to design a robot and program it. The coach is there just to guide them, to provide the right materials and supplies for learning the robotics, and then we get to see their progress. We’re teaching them how to solve problems. It’s a learning process,” Demirhan said.

“Actually, they teach each other and learn from one another,” he went on. “I see it like working at a company, like being an engineer, but at the same time being a middle-schooler. They’re learning to solve all these engineering problems, and then they learn how to solve the programming problems.”

Values Added

The FIRST LEGO League, launched 20 years ago by inventor Dean Kamen and LEGO Group owner Kjeld Kirk Kristiansen, now boasts 320,000 participants and 40,000 teams in 98 countries.

At the cornerstone of the program are a set of core values, through which participants learn that friendly competition and mutual gain are not separate goals, and that helping one another is the foundation of teamwork.

According to the league website, those core values include discovery (exploring new skills and ideas), innovation (using creativity and persistence to solve problems), impact (applying what we learn to improve our world), inclusion (respecting each other and embracing our differences), teamwork (understanding that we are stronger when we work together), and fun (enjoying and celebrating what we do).

The student-designed robots are all different, taking myriad approaches to tackling similar challenges.

So the goal is more than learning robotics, engineering, and programming. But even the tasks themselves extend far beyond the robots. Each year, teams are mandated to research a real-world problem such as food safety, recycling, energy, etc., and then develop a solution.

As part of this year’s Into Orbit theme, teams considered the challenges humans must overcome to travel around the solar system — such as extreme temperatures; lack of air, water, and food; waste disposal and recycling; loneliness and isolation; and the need for exercise — and research and present a project, not unlike at a science fair, that aims to solve one of those problems.

“With this year’s theme, they designed a project that helps astronauts in space travel improve their physical conditions and mental health, or it could be anything that supports astronauts,” Demirhan said, noting that his school’s two teams took on the problems of growing food in space and designing an effective trash compactor.

The competition itself centers around the LEGO robots designed and built by the students, he went on. “Each challenge needs to be solved by a robot which is running autonomously. So the students program the robots and make specific attachments that work with different challenges. They don’t only design these attachments, but design and write the programs.”

If the programming is off by the slightest margin, the robot will miss its target on the table — and miss out on critical points needed to post a high score and advance.

“With each one of these challenges, they encounter difficult areas with the programming,” Demirhan went on. “Some programs might work in a specific environment and might not work in a different environment, and they’re trying to write the best program that can work in many different conditions. For example, light could be a factor — robots have light sensors, and the amount of light in the practice room could be different than in competition. So the student needs to solve this challenge and write a really good, efficient program that can run in both these environments.”

For students inclined to this type of work, Henry said, it’s a fun way to learn to apply STEM (science, technology, engineering, and math) concepts while developing critical-thinking and team-building skills, and even soft skills like how to talk to the judges about their robots in an engaging way — yes, they’re judged on that, too.

“Not only do they have to build a robot to compete on the table, but they’re also being judged on a project, and they have to adhere to all the core values throughout the FIRST program,” he added. “It’s about communication skills and critical-thinking skills. It’s much more than just robots.”

Time to Shine

Through the FIRST LEGO League, Kamen and Kristiansen always intended for young people to discover the fun in science and technology but also develop in a positive way as people. Henry said he has seen exactly that.

“We had one kid that came through the program who was very shy, ate his lunch in the corner all by himself at his junior high school, but he came into high school and absolutely bloomed. He got into college, and now he’s an engineer with NASA. I’m telling you, if he doesn’t go to Mars, he’s going to be one of the engineers that gets us there.”

Other students in the program have gone on to non-science fields, like teaching, music, and the culinary arts, he continued, but the lessons they learned about solving problems and working with others are applicable to any field.

For those who do aspire to a career in engineering or robotics, however, the FIRST program does offer a leg up, Demirhan said, both in the college-application process — schools consider this valuable experience — and gaining career skills at an earlier age than most future engineers do.

“They’re all doing real-world engineering. Once they go to an engineering school, they’re seeing problems like these and learning how to solve them. So this is really a tiny engineering program that has massive applications. We’re teaching real-world problems and coming up with good solutions to them.”

In short, students are creating ideas, solving problems, and overcoming obstacles, all while gaining confidence in their abilities to positively use technology. To Henry, that’s an appealing mix.

“The STEM part is important, absolutely, but it’s more than just that,” he said. “I can’t stress that enough. We’ve seen kids blossom in so many ways.”

Joseph Bednar can be reached at [email protected]

Technology

Creating Cyber Solutions

Tom Loper says the ‘supply chain’ project will benefit the region

Tom Loper says the ‘supply chain’ project will benefit the region and its manufacturing sector while also giving cybersecurity students a leg up on jobs.

A group of regional partners, led by Bay Path University, has been awarded a $250,000 grant from the Mass. Technology Collaborative for a pilot program that will address a host of identified issues — from a critical shortage of workers in the cybersecurity field to the need for smaller manufacturers to become more cyber secure if they are going to keep doing business with their customers in the defense, aerospace, and other sectors.

The project’s name is long and quite cumbersome.

‘Engaging Student Interns in Cybersecurity Audits with Smaller Supply Chain Companies to Develop Experience for Entry-level Positions While Improving the Cybersecurity Ecosystem in Massachusetts.’

Yes, that’s really what it’s called. And while that’s a mouthful — not that anyone actually recites the whole thing anyway — it really does capture the essence of an ambitious initiative spearheaded by Bay Path University and its emerging cybersecurity programs, and also involving Springfield Technical Community College, Paragus Strategic IT, the Economic Development Council of Western Mass. (EDC), and other area partners.

Breaking down that long title into its component parts certainly helps to tell the story behind the $250,000 grant awarded recently by the Mass. Technology Collaborative. The program, set to commence early next year, will indeed engage students in Bay Path’s cybersecurity programs in internships with smaller supply chain companies across the region. They will be working with employees at Paragus to undertake cybersecurity assessments of these small manufacturing firms, essentially identifying holes where intruders can penetrate and possible methods for closing them.

And the program will provide needed experience that is difficult for such students to attain, but very necessary for them to land jobs in the field. And it will put more workers in the cybersecurity pipeline at a time when there is a considerable gap between the number that are available and the number that are needed — a gap approaching 9,000 specialists in this state alone. And it will bring more women into a field that has historically been dominated by men and is struggling desperately to achieve diversity.

That’s a lot of ‘ands.’

Which helps explain why the Mass. Technology Collaborative, which was planning to divide $250,000 among several entities, gave that entire amount to Bay Path’s proposal and then found another $135,000 to award to two other projects, said Tom Loper, associate provost and dean of the School of Arts, Sciences and Management at Bay Path, who started with the small supply-chain companies, as he explained the project’s importance.

“These companies have a cyber vulnerability, in many cases, because they don’t have sophisticated systems and they don’t have sophisticated staff that can help create a cyber-safe environment,” he noted, adding that he took what he called a “Western Mass. approach” to the process of applying for the grant.

By that, he meant a focus on smaller businesses, as opposed to the larger defense contractors like Raytheon in the eastern part of the state, and also on schools like Bay Path (and its online component, The American Women’s College) and STCC that are graduating cybersecurity students but struggling to find them real-world experience to complement what they learn in the classroom.

Matthew Smith says that among the many potential benefits from the ‘supply chain’ project is much-needed gender diversity in the cybersecurity field.

Matthew Smith says that among the many potential benefits from the ‘supply chain’ project is much-needed gender diversity in the cybersecurity field.

Thus, the project is a potential win-win-win, with maybe a few more wins in there as well, said Rick Sullivan, president & CEO of the EDC, noting that winners include the individual students at Bay Path, the emerging cybersecurity industry, individual small manufacturing companies, and the region as a whole, which counts its precision manufacturing sector as a still-vital source of jobs and prestige.

“The large customers, the Department of Defense, the Department of Transportation … they’re really requiring, and rightfully so, very strict compliance with the highest cybersecurity techniques out there,” Sullivan said, referring to the requirements now being placed on smaller supply-chain companies. “When they go to the bigger companies, they have to certify their entire supply chains, and we have a lot of companies in this region that feed into that supply chain.”

Overall, the pilot program is a decidedly proactive initiative aimed at helping these smaller companies become aware of the requirements they will have to meet to keep doing business in such fields as defense and aerospace, and then help them meet those thresholds, starting with an assessment of their cybersecurity systems and immediate threats.

For this issue and its focus on technology, BusinessWest takes an in-depth look at the Bay Path-led project, its many goals, and how, if all goes as planned, it will close gaps in cybersecurity systems as well as gaps in that sector’s workforce, while also making the region’s manufacturing sector stronger and more resilient.

Day at the Breach

The project summary for the Bay Path initiative, as authored by Loper and others, does a very effective job of summing up both the many types of problems facing the state and its business community with regards to cybersecurity, and also how this pilot program will address several of the key concerns.

“Entry-level job postings for information security analysts and related cybersecurity positions typically require one to two years of experience in the field, making it challenging for recent college graduates with cybersecurity degrees to fill these positions,” the summary begins. “Bay Path University, a women’s university in Western Mass., will lead a project that will engage 30 undergraduate and graduate cybersecurity students, primarily women, in a full year of challenging experiences as paid interns on cybersecurity auditing teams.

Rick Sullivan

Rick Sullivan

“The large customers, the Department of Defense, the Department of Transportation … they’re really requiring, and rightfully so, very strict compliance with the highest cybersecurity techniques out there.”

“Teams will provide cybersecurity audits at a lower cost for small to mid-sized companies in the region,” the proposal continues. “Undergraduate cybersecurity interns from Bay Path University and Springfield Technical Community College will be assigned to auditing teams led by a graduate intern from Bay Path’s M.S. in Cybersecurity Management Program. Teams will be supervised throughout the audit process by seasoned cybersecurity specialists from Paragus Strategic IT. Through the internship, students will gain insight into the breadth and scope of challenges to the cyber ecosystem and hands-on experience working with employers to implement options for addressing these challenges. Project research and evaluation will be undertaken to confirm that the internship will meet the needs of employers who require prior experience.”

Like we said, that pretty much sums it all up — at least from the student intern side of the equation. In addition to classroom learning, experience in the field is necessary to break into the cybersecurity sector, said Loper, and such experience is difficult to attain. This pilot program will help several dozen students get it.

Meanwhile, the program will address the other side of the equation, the needs of small manufacturers in the supply chain — and this region has dozens, if not hundreds of them, who face many challenges in their quest to become safe (or at least much safer) from security breaches, a pre-requisite for being able to do business these days.

For an explanation, we return to the project summary:

“The majority of cybersecurity breaches occur in smaller supply chain companies, threatening the entire supply chain. Yet these companies often cannot afford the staff or resources to address ongoing needs for ensuring a cyber-safe ecosystem,” the solicitation notes. “Partnering with the MassHire Hampden Workforce Board, the MassHire Franklin Hampshire Workforce Board, and the Economic Development Council of Western Massachusetts, the project will engage 45 small to mid-size supply chain companies in the advance manufacturing sector in western Massachusetts in cybersecurity audits. This strategy will be disseminated as a model for how other Massachusetts higher education institutions with cybersecurity programs can partner with employers and their regional planning teams to strengthen the cybersecurity ecosystem across the Commonwealth.”

Elaborating, Loper said the cost of a cybersecurity assessment (that term is preferred over ‘audit,’ is approximately $1,500, an amount that challenges many smaller companies and is the primary reason why relatively few are done.

The pilot program will pay roughly two-thirds the total cost of an assessment, thus bringing assessments within the reach of more companies, which need to ramp up their cybersecurity systems and methods if they are going to keep doing business with most of their clients.

“Things are starting to change,” said Sullivan. “Cybersecurity and the threats that are out there are real, and this pilot program is an attempt to get ahead of all that, to educate and assess the smaller businesses here, with the next step being to hopefully address those needs so they can stay compliant, because that’s an extremely important part of our economy here.”

Sullivan said the EDC and other agencies will work to build awareness of this program and sign on participants. There has already been interest expressed by many of these smaller manufacturers, and he expects it will only grow as awareness of the project — as well as the need to be cyber secure — grows.

What the Hack?

For the record, and as noted earlier, the Mass. Technology Collaborative came up with another $135,000 to award for other pilot projects to help prepare entry-level cybersecurity job seekers to both meet the needs of employers, and address the growing cybersecurity job crisis.

The first, a $61,178 grant, involves an entity called STEMatch, which proposed a creative collaboration between community colleges, Massachusetts-based cybersecurity service and technology providers, and end-user businesses to expand the pool of potential cybersecurity to under-represented groups and displaced workers. The other, a $74,690 award, was given to the MassHire Greater New Bedford Workforce Board to advance a public-private partnership between the regional workforce boards of Southeastern Massachusetts, Bristol Community College, and the South Coast Chamber of Commerce, and employers in that region. The pilot is designed to help address the lack of skills and work experiences affecting Massachusetts employers and will utilize best practices developed in Israel to create training and work experiences for students in grades 10-12.

“The majority of cybersecurity breaches occur in smaller supply chain companies, threatening the entire supply chain. Yet these companies often cannot afford the staff or resources to address ongoing needs for ensuring a cyber-safe ecosystem.”

Those projects, as well as the Bay Path initiative, drive home the fact that there is not just a gap, but a real crisis when it comes to filling jobs in this emerging and now all-important sector.

“Companies are craving talent,” said Matthew Smith, director of Computer Science & Cyber Security Programs at Bay Path and assistant professor of Computer Science & Cyber Security in the School of Science and Management, as he attempted to qualify a problem that’s difficult to quantify.

That’s because while there are posted positions within this sector — many of them lacking candidates — many of the jobs are not posted, increasing the size of the gap.

Closing it requires not merely people with degrees in Cybersecurity, although that’s essentially a pre-requisite, said Smith, but individuals with what could be called real-world experience on their resumes, he said.

The pilot program will allow students at Bay Path and STCC to put five cybersecurity assessments on their portfolio, which should certainly help open some doors for them.

“Our students won’t just be getting a degree, but also the necessary talent to be contributing to the workforce on day one,” Smith told BusinessWest. “Once they have these assessments and use these tools that are industry standards, they’re going to be thrown right to the top of the application pool, because most of those are search-engine driven, so once they put these key words in there, they’re going to be very marketable.”

This marketability should only help further develop the graduate and undergraduate cybersecurity programs at Bay Path (both traditional and online) that are already seeing explosive growth, said Smith, adding that the industry needs not only workers, but gender diversity as well.

“Only 11% of the jobs in the field are held by women,” he said. “The gender imbalance is very real, and it’s our main mission to provide these women the skills and get them their degrees, so they jump into the cybersecurity workforce and start taking those unfilled positions and close that gender imbalance; many companies are craving diversity in their workforce.”

Securing a Better Future

As noted earlier, the name on this project is long and cumbersome. But it breaks the problem and one possible solution into one highly efficient and effective phrase.

The pilot program will set a high bar when it comes to potential outcomes and goals for achieving progress with the many significant challenges facing the cybersecurity sector and the cyber safety of individual companies.

But a high bar is necessary because the problems are real, they are growing, and solutions are needed.

This program was conceived to not only help this region clear that bar, but provide a roadmap for other regions to follow. If it can do all that, the state’s sizable investment will yield huge dividends.

George O’Brien can be reached at [email protected]

In these times, many people will be working remotely. In addition to accessing BusinessWest online, readers may wish to add their home address. To do this, e-mail [email protected], visit  https://businesswest.com/contact-us/subscribe/, or call 413.781.8600.