Even as cloud adoption grows, many organizations still rely on on-premise systems, leaving aging edge devices, outdated wiring, and unsupported hardware to quietly cause slowdowns, outages, and security gaps.
Join Aktion’s Network Engineering experts for a 60-minute live panel on why network infrastructure still matters and how to modernize often-overlooked areas. We’ll cover stressed edge environments, aging communication backbones, device compatibility issues, and how all of this affects performance and risk.
We’ll also explore the impact of outdated devices on security, backups, and data integrity, plus proactive management strategies to plan ahead rather than react.
What you’ll learn:
The hidden costs and operational risks of aging infrastructure
How outdated systems affect performance and cybersecurity posture
Proven modernization strategies that balance cost and performance
Real-world examples from construction, manufacturing, and distribution environments
Even as organizations accelerate their move to the cloud, a surprising amount of critical business operations still depend on on-premise infrastructure—servers, switches, and networks that quietly keep everything running.
But many of those systems are showing their age. And while modernization efforts often prioritize software, the physical backbone of your operations can easily become the weakest link if ignored.
The Hidden Cost of Standing Still
It’s easy to assume that once workloads are in the cloud, infrastructure modernization becomes less urgent. In reality, the opposite is true. Outdated on-premise and hybrid networks can cause costly ripple effects: downtime and lost productivity from failing hardware or slow response times, reduced employee experience due to latency and connectivity issues, and heightened security risks as aging systems lack the firmware, configurations, or ongoing software patching and support to withstand modern cyber threats.
The longer these systems remain unchanged, the greater the risk they pose security, agility, and profitability, three pillars that matter more than ever in 2026’s competitive landscape.
Why Infrastructure Still Matters in the Cloud Era
Whether your ERP is deployed in the public or private cloud, as a hosted or SaaS application, or on-premise, the network is still the bridge between your operations and your data. Even partial modernization can create silos if not supported by a strong infrastructure strategy.
A well-planned refresh can improve application performance and reliability, especially in hybrid environments. It strengthens security posture by closing legacy vulnerabilities and supports scalability for new workloads, integrations, and modernization initiatives.
Modernization isn’t just about replacing old equipment, it’s about intentionally designing a network that where all of the components work together to support the speed, stability, and resilience today’s businesses demand.
Join the Conversation: Live Webinar December 12 at 12 PM EST
To help business and IT leaders navigate this critical topic, Aktion’s Network Engineering team is hosting a live 60-minute webinar: “Modernizing What’s Left Behind: Why Network Infrastructure Still Matters” on Friday, December 12, 2025 at 12:00 PM EST.
During this interactive session, Aktion experts will share insights from the field, including the most common and costly mistakes companies make when delaying infrastructure refreshes, how to align modernization with existing cloud investments, and proven strategies to balance cost, uptime, and performance without disrupting daily operations.
This discussion will feature real-world examples from organizations that have successfully modernized their hybrid environments while improving reliability and scalability.
Who Should Attend
This session is designed for C-level leaders, Operations Managers, and IT Directors in construction, manufacturing, and distribution who are responsible for ERP performance, business continuity, or infrastructure modernization planning.
Aktion’s Expertise in Modernization and Managed Services
As a long-time partner to hundreds of mid-market organizations, Aktion Associates combines modernization consulting, managed services, and infrastructure design to help clients future-proof their technology foundations. From lifecycle management to cybersecurity integration, Aktion’s team brings the tools and expertise to help you refresh strategically, not reactively.
Don’t Wait for Downtime to Force Your Next Move
Modernization doesn’t have to be disruptive or expensive, but delaying it always is. Your infrastructure plays a direct role in your ability to scale, protect data, and deliver seamless ERP performance.
Join our experts on Friday, December 12 at 12 PM EST to learn how to modernize what’s left behind before it slows you down.
As cyber threats continue to evolve, organizations must shift from reactive risk management to a proactive resilience strategy. Join us for an insightful Risk to Resilience webinar, where industry experts will explore key security challenges, best practices, and innovative solutions to enhance your organization’s cyber resilience.
What You’ll Learn:
Whether you’re a security leader, IT professional, or business executive, this webinar will equip you with the knowledge to navigate today’s complex security landscape confidently.
Don’t miss this opportunity to learn from top experts and gain valuable insights to fortify your organization.
The step-by-step incident response playbook that could save your business millions
In this comprehensive 60-minute webinar, we’ll move beyond theory to provide you with actionable, real-world strategies for responding to and recovering from cyber attacks. Whether you’re updating an existing incident response plan or building one from scratch, you’ll leave with practical tools and templates you can implement immediately.
Agenda
Who Should Attend
The construction industry is increasingly becoming a prime target for cyberattacks, driven by the extensive use of third-party suppliers, vast amounts of personal data, and the significant financial stakes involved in projects. Despite clear warning signs that appear all too frequently in the media, many companies in the industry still view cybersecurity as an afterthought. We have found that this is largely because most business owners don’t see their data as being particularly valuable to threat actors, not considering that it is exactly as valuable as whatever they would be willing to pay to get it back.
Safeguarding Information and Enhancing End-User Behavior
The cornerstone of cybersecurity in construction remains the tried-and-true practices of information security and end-user behavior. Given the sensitive data involved—from contractor and investor information to supplier details—everyone in the construction process must understand and follow regulatory and cybersecurity best practices. This awareness helps prevent data breaches caused by malicious actors and unintentional mistakes or accidentally deleting or failing to archive emails that could be needed for litigation or defense.
Securing the Supply Chain
Managing a construction supply chain involves many subcontractors and suppliers exchanging digital information alongside physical goods and services. This digital exchange extends beyond the obvious players to include essential service providers, like email and accounting software companies.
Cyberattacks on your suppliers can be as harmful as those targeting your business, providing a backdoor for threats to infiltrate your organization. To mitigate this risk, it’s essential to implement robust cybersecurity measures when collaborating with suppliers and partners. Some spooky wisdom from days past… “Trust No One.”
Begin by mapping out your entire supply chain and identifying the highest-risk vendors. Understand their security protocols and ensure your contracts clearly outline each party’s security responsibilities.
Cyber Insurance: A Reactive Measure
While cyber insurance is often included in the cost of a construction project, it’s primarily a reactive measure, focusing on financial mitigation rather than prevention. Even with insurance, breaches that leak personally identifiable information (PII) or other sensitive data online can cause significant project delays. It’s also important to note that having a policy comes with implementing proactive safeguard measures to align with the policy requirements.
Next Steps: Partnering with Aktion for Cybersecurity Excellence
Partnering with a Managed Security Service Provider (MSSP) like Aktion can make all the difference in effectively addressing cybersecurity challenges in the construction industry. You’ll want to ensure your technology partner has the expertise to bridge knowledge gaps, ensure any required compliance, and streamline data management across your organization, ultimately strengthening your cybersecurity posture.
At Aktion, our Managed Detection and Response (MDR) services are designed to prevent and contain threats within large environments, minimizing potential damage. Our expertise extends to protecting sensitive data, implementing, continually auditing, and testing the most effective security measures. This includes Vulnerability Management as a Service (VMaaS), which ensures your digital assets are fortified against malicious actors.
Aktion’s holistic approach to cyber threat management enables us to assess, manage, and advise on potential risk exposure. We offer custom network and infrastructure hardening plans and maturity roadmaps tailored to your business, helping you advance your cybersecurity controls at every stage.
With Aktion on your side, you can rest assured that compromises and data exposures are challenges you’ll never have to face alone. Are you eager to strengthen your cybersecurity?
Contact one of our experts today.
Aktion Cybersecurity Team • 2024
In today’s digital landscape, no business is safe from cyber threats. Join our summit to learn how to protect your company from devastating cyberattacks.
In this informative session, you’ll learn:
This event is ideal for business owners, IT professionals, and security managers who are dedicated to protecting their company’s data and reputation.
Cyberattacks are becoming increasingly more prominent. You might think that your data isn’t valuable – We will help you learn why that thinking may change. Empower yourself with the knowledge and tools to protect your most valuable asset – your company data!
Don’t wait until it’s too late. Register now to secure your spot at the Cybersecurity Awareness Summit and protect your business from cyber threats!
To improve security with sensitive online personal and corporate accounts, deploying Multifactor Authentication (MFA) is an effective solution at preventing takeovers. There are many Multifactor Authentication (MFA) tactics available that are effective and some are stronger than others. Recent hacking events called MFA Prompt Bombing have shown weaker MFAs are vulnerable.
Not All MFAs are Created Equal
An MFA requires users provide a username and password, and an additional authentication factor – fingerprint, one-time password, security key – before an account can be accessed. MFA implementations rely on a variety of different methods to deliver that second step of validation. Some methods use timed one-time passwords (TOTP), often a six-digit rotating code viewed in an authenticator app on smartphones, or optionally delivered via SMS/text messaging. Other methods may include biometrics or hardware keys to verify our identity. While these methods offer the best security, they can be complex to implement and tedious to use daily.
To reduce the deployment effort, there are less complex – and easier to exploit – methods that can use smartphone apps to receive push-style notifications, which asks if you are really trying to sign in. In other cases, it may even make a phone call to the user which requires a response with a key press. These push-style implementations of MFA are targets for attack. An Ars Technica article by Dan Goodin covers how the recent Solar Winds hackers exploited the push-style MFA by using prompt bombing.
MFA Prompt Bombing Triggers User Fatigue
This style of attack tries to introduce MFA fatigue by relentlessly attempting logins with discovered credentials in the hope that the end-user will eventually get tired of receiving the notices asking if they are trying to log in and simply click “yes it’s me”, either intentionally or accidentally. Since many online providers do not have a limit set on the number of times a MFA request can be sent out, there have been reports of people receiving a hundred notices an hour, sometimes in the middle of the night.
If you have an MFA policy implemented using this type of push notification, the underlying technology is still considered secure as it requires the user to always get notified if authentication is attempted and is still better than not having any MFA at all. However, it is important to be vigilant of the notifications being received. A good resource is this Watchguard blog, How To Avoid MFA Prompt Bombing Attacks.
If you are getting notified about authorizing a login to a trusted system that you are not actively connecting to, always deny the request. In addition, that may mean your credentials could have been compromised as well, which should prompt you to change your password as soon as possible. If a TOTP method is available for your MFA implementation, or biometric options exist (commonly called FIDO2 for Fast Identity Online), moving to this type of deployment can mitigate these attacks designed to trick us. If you have questions about MFA prompt bombing, your MFA deployment, or are interested in improving online security, please contact Aktion Associates so we can match the proper solution to your needs.
In these uncertain times, you can be certain that everyone is relying on technology more than ever before. Technology is how we can continue to do business and how we can connect with others while Social Distancing. The world has slowed down, but without technology, it would stop. Today, no one can afford a technology outage.
Disaster Recovery (DR) is the ability to recover after a technology failure. Disaster Recovery is like insurance that you use only when the unanticipated occurs in order to get you back on your feet. But there is a deductible, a heavy deductible that has to be paid. That deductible is the loss of business during the time it takes to recover and the possible loss of data that hadn’t yet been backed up when the disaster occurred. DR hurts, but it gets you back on your feet.
High Availability (HA) is the ability to keep an application running through both planned and unplanned technology outages. Planned outages occur daily. Your application needs to be down to end-users when you run end-of-day processing or when you run your backups or for planned maintenance and upgrades. Unplanned outages rarely occur, but they are due to technology failures, infrastructure failures or natural disasters. With HA, your application is always available to end-users.
The difference between DR and HA is that with HA there is a spare server with current data that is ready to take over when the production server fails. The downtime is the time to switch over to the spare server and is typically 30 minutes or less. On the other hand, with DR, another server has to be provisioned and restored in order to get the application running again. DR is typically measured in days. HA is measured in minutes while DR is measured in days.
I had two customers who recently experienced server outages. One customer had an HA solution and the other customer was in the midst of implementing an HA solution but was not there yet. Both customers were on currently supported hardware and software platforms and were in good shape to be recovered. In both cases, it took the manufacturer’s service technicians two days to repair the server.
The first customer was back up and running their 150 retail outlets and warehouses in 30 minutes on their backup server. The other customer had to wait for the server to be repaired, the system to be restored and tested and was back up in 4 days. Thankfully, two of the days were over a weekend, when the business is closed, and it was a lighter than normal holiday week. HA = 30-minute outage, DR = 4-day outage.
It sounds expensive to have a spare server sitting around waiting for a disaster to occur, but the loss of business from a disaster can be far greater. The spare server can be in the same room as the production server or in another one of your locations or even in a managed data center. And you don’t even have to make an investment in a spare server, you can subscribe to a HA cloud server. And the spare server is available for other uses like application development and testing, reporting and data warehouse.
Some of us are busier than ever right now which is all the more reason to have an HA solution. You can outsource the entire HA project and get it up and running with minimal involvement of your staff. Others find themselves with time on their hands making this the perfect time to invest in HA to be prepared for when things get back to normal.
In all versions of Windows since the release of Windows Vista, one of the key features the Windows Start Menu supports is a quick search. You can try this by clicking on the start button and start typing. Typing when the Start Menu UI is active will change the screen to a search type screen. This is a great feature if you’re not sure where a program or document is located on your PC. While not an obvious UI element, understanding you can start typing while the Start Menu is active is a very handy feature to quickly find things.
We have seen many instances where users complain the search function cannot find anything. Search UI opens up, but searching does not find anything. We’ve seen this occur on Windows 10 workstations and Windows Server 2016 systems, but not necessarily on all systems. Additionally, we have seen a few isolated instances where at first the keyboard didn’t seem to work when logging into Office 365 with Modern Authentication enabled.
The core issue is CTFMON is not running. You can test this quickly by going to Run… on the Start Menu and starting up CTFMON manually. At this point, test to see if this clears up the Search issue. If so, this will stay running until you next reboot your system.
For a permanent fix, you will want to start Windows Task Scheduler and check to ensure the MsCtfMonitor is set to run automatically for any user who logs on. Launch the Task Scheduler application which is built into Windows and expand the tree on the left under Microsoft –> Windows –> TextServicesFramework. Check the task MsCtfMonitor to ensure it is not disabled. It should be set to Ready as the example below shows.
Most of us are by now aware that the coronavirus (and the associated disease which frequently results from infection, COVID-19) has had major impacts within the IT supply chain. This has resulted in shortages in IT equipment from nearly all major vendors, and across all classes of devices. Savvy business owners are planning for the lack of general availability by ordering what’s in stock when it’s in stock to keep business processes from breaking down.
But not all businesses have turned their attention to the human impacts of a far-reaching epidemic. Widespread concern for safety will almost certainly lead to a much greater demand for remote working capabilities, and IT providers may struggle to keep up. In order to prepare for the possibility that the majority of office employees will follow government recommendations to stay home to help, smart IT leaders are taking the following steps:
1. Increasing bandwidth, remote connectivity infrastructure, and security to help mitigate the increased risk and demand of a higher percentage of remote workers
2. Ensuring that employees understand the methods and capabilities of remote access to the business environment
3. Developing remote user policies and guidelines to ensure that business continues to be conducted on secure, managed endpoints or through zero-trust interfaces
4. Authoring and disseminating response plans and safe practices for reducing risk of spread
A few resources which can potentially be of use as you plan your own response are listed below:
How HR leaders are preparing for the Coronavirus
Checkout Steve Roger’s blog addressing the challenges hardware manufacturers face: Is The Coronavirus Affecting Lenovo Hardware Availability?
