45

5 Reasons Why You Should Get On The Cloud

45A recent article by The Guardian (UK) states that the cloud industry is set to see a growth of around 30% soon. But many small and medium business owners are still struggling to make sense of the cloud and how it can benefit them. If you are one of them, then here’s what’s in store for you when you migrate to the cloud:

1. Connectivity - Being on the cloud gives you unparalleled connectivity to your data—from anywhere and at any time. All you need is a device that can connect you to the web and you are set!

2. Save On Hardware Costs - Using the cloud for certain programs spares you the cost of investing in specific hardware. Even devices as simple as your smartphone or a tablet can help you access those applications so you don’t have to spend money on dedicated hardware. Studies have shown that cloud users end up enjoying as much as a 17% IT cost reduction compared to their non-cloud counterparts.

3. Cloud Enables SAAS - The cloud allows you to use software as a service. Microsoft 365 is one such example. When you use software as a service, you enjoy certain benefits such as more regular updates at a lower cost and the ability to have anyone work on the program for you by sharing the access credentials with them.

4. More Efficient Use of IT Staff - Moving to a cloud-based environment puts the burden of maintenance and downtime reduction on your service provider. That means you can use your limited IT staff more efficiently and also don’t have to worry about the costs associated with such maintenance or downtime.

5. Improved Productivity - Studies have shown that cloud users enjoy better productivity than their non-cloud counterparts. This could be because cloud service providers are better equipped to handle any IT eventualities than the average SMBs.

So, perhaps it’s time to ‘get cloudy’ and enjoy all that the cloud has to offer your SMB. And…if you need help in doing that, CLICK HERE.

44

The Benefits of a Managed Service Provider

Managed Service Providers – or MSPs – are often recommended as a cost effective IT solution for small businesses. For a minimal monthly fee, MSPs provide a reasonably priced solution to the complex technology pains of small businesses. Here’s a look at the various benefits an MSP can offer your business…

  • Freed-Up Resources and a Renewed Emphasis on Core Business – Both business owners and internal IT staff would much rather focus on revenue enhancing tasks like product development or the creation of cutting-edge applications/services. This is one reason routine monitoring and maintenance tasks are often neglected by an internal IT person or team, which always proves to be detrimental much l44ater. Often misportrayed as a “threat” to an internal IT person or staff, MSPs can instead relieve internal staff of mundane network operations maintenance, repetitious monitoring of server and storage infrastructure, and day-to-day operations and help desk duties.
  • A True Partner Sharing Risks And Responsibilities -The goal of an MSP is to deliver on contracted services, measure, report, analyze and optimize IT service operations, and truly become an irreplaceable catalyst for business growth. Managed Service Providers not only assume leadership roles, they enable risk reduction, enhance efficiency and change the culture by introducing internal IT operations to new technologies and processes.
  • Access to Expertise, Best Practices and World-Class Tools and Technologies – MSPs have experience with a variety of businesses and organizations. Managed Service Providers can keep your business relevant and on track with continually evolving technology, support, and productivity demands. Let’s face it, no small or medium sized business can afford to fall behind with technology trends in today’s business world.
  • The Benefit of a Full-Time Fully Staffed IT Department at a Fraction of the Cost – Most small business owners live and die by proactive management. They just haven’t had the budget, resources or access to on-demand expertise to be proactive with information technology management. A Managed Service Provider gives business owners and overwhelmed internal IT staff affordable computer and server support, remote monitoring of critical network components like servers and firewalls, data backup and disaster recovery, network security, custom software solutions, and technology evaluation and planning.

Managed Service Providers can decrease the overall IT support costs by as much as 30% to 50%. Rather than being stressed about technology, business owners can instead get back to focusing on growing their business. All while enjoying the benefits of highly-trained IT experts boosting their network’s reliability and performance.

Choose Cognoscape as your MSP. CLICK HERE for a free network assessment.

55

Cybercrime and SMBs

 WHAT HAPPENS ON MAIN STREET STAYS ON MAIN STREET

When hackers breach the security of corporations it makes headlines, yet there is rarely a mention when cybercrime hits small to medium sized businesses (SMBs). Very few people are even aware that today’s cybercriminals are targeting SMBs, not just supersized global businesses. According to Verizon’s 2013 Data Breach Investigations Report, 71% of the data breaches investigated by the company’s forensic analysis unit targeted small businesses with fewer than 100 employees. Of that group, businesses with less than 10 employees were the most frequently attacked.

55EVERYONE IS A VICTIM WHEN IT COMES TO CYBERCRIME

The loss and exposure of confidential data from a cyber-attack is costly to both the people victimized and the businesses whose data was compromised.

For the victim, hackers typically retrieve personal information, bank account, credit card and social security numbers, resulting in identity fraud. The stress and time involved to reclaim their identity and get their financial house back in order is beyond measure.

For businesses, there are 47 state-specific DBN (Data Breach Notification) laws in effect in the United States. Adding to the complexity and costs of this process is the fact that laws and compliance obligations vary from state to state. A breach of customer data in Pennsylvania will have different breach notification and follow-up requirements than a breach involving a customer in Massachusetts. This means firms servicing customers and clients from more than one state are responsible for these duplicative legal, regulatory and compliance burdens.

CYBERCRIME COMES AT A HIGH PRICE FOR SMBs

According to research compiled by the Ponemon Institute in their 2nd Annual Cost of Cyber Crime Study, the average cost per breached record in the U.S. is anywhere between $150 to $200. This amount factors in the costs of the investigation and notification process, fixing the issue that led to the breach, possible liability and litigation costs, lost business, and the time and effort that go into damage control. In many cases, a damaged reputation may prove to be irreparable. Nearly two-thirds of victimized companies are out of business within six months of a significant cyber-attack, making cybercrime the death knell for many SMBs. This is because the consequences of cybercrime extend well beyond the actual incident and have long-lasting implications.

Small businesses obviously don’t have the same financial footing to rebound and carry on with business as usual in the way organizations like Target, Amazon, Apple, or Citibank can.

Symantec’s research found that customers affected by security breaches are generally less forgiving of smaller businesses, especially smaller online retailers, than larger companies. SMBs are contending not only with lost revenue and expenses, but also the possibility of never regaining the trust of customers, clients and business partners.

Symantec’s 2012 State of Information Survey found that nearly half of all SMBs admitted to a data breach damaging their reputation and driving customers away.53

The trend of cybercriminals preying on smaller businesses doesn’t seem to be waning. According to Symantec, the number of cybercrime attacks targeting firms with fewer than 250 employees jumped from 18 percent of all attacks in 2011 to 31 percent in 2012.

WHY CYBERCRIMINALS ARE ZEROING IN ON SMALL BUSINESSES

Large corporations have the resources to invest heavily in the most sophisticated security strategies and successfully stop most cybercrime attempts. A typical large enterprise may have over twenty in-house IT dedicated employees ensuring that every device connecting to their network is adequately protected.

In comparison, SMBs have neither the money nor the manpower of large enterprises and can’t afford the same level of security. Very few SMBs have fulltime IT dedicated personnel on hand to run routine security checks. Even those who do have in-house IT support often find that their internal resources are too bogged down with other tasks to properly address security upkeep.

A joint survey of 1000 SMBs conducted in September of 2013 by McAfee Internet Security and Office Depot further confirms how lax many SMBs are when it comes to protecting their data.54

Not only have SMBs become easy prey for cybercriminals, but their sheer abundance also makes them an alluring target. There are roughly 23 million SMBs in the United States alone. Half of that figure is comprised of home-based businesses. Even in a struggling economy, it’s projected that there are still an estimated 500,000 startups launching every month with only a handful of employees.

SMBs ARE NOT “TOO SMALL TO MATTER”

Since most cybercrimes affecting smaller businesses go unreported by the media, there is no sense of urgency by SMBs to prepare for cyber-attacks. Too many SMBs mistakenly view their operations and data as trivial to hackers. They feel that large online retailers, global banks, and government entities are much more attractive targets for hackers.

The goals and methods of cyber attackers are evolving and will continue to evolve. The era of one “big heist” for hackers is over. Cybercriminals today often prefer to infiltrate the data of many small businesses at once, stealing from victims in tiny increments over time so as to not set off an immediate alarm. This method takes advantage of those SMBs who are especially lax with their security processes and may not even realize there has been a security breach for days or sometimes even weeks. SMBs must end the “It will never happen to us” mindset. For instance, political “hactivists” have been responsible for a number of high-profile Denial-of-Service (DDoS) attacks in recent years. The goal of a hactivist is to disrupt the status quo and wreak havoc on the technology infrastructure of larger corporations and government entities. It’s a form of cyber anarchy: A “stick it to the man” philosophy spearheaded by groups like 4chan, Anonymous, LulzSec, and Anti-Sec.

An owner or Chief Information Office (CIO) at a SMB may read of these high publicized attacks in the press and not think anything of it. They aren’t Sony, Apple, or the Department of Defense, so why would a hactivist target their data? But it’s estimated that there are on average 1.29 DDoS attacks throughout the world every two minutes and such activity is much broader in scope than the press may lead us to believe.

SMBs- THE ACCESS RAMP TO BIGGER & BETTER DATA

One reason small businesses are more vulnerable is they’re often the inroad to larger better-protected entities. They are often sub-contracted as a vendor, supplier, or service provider to a larger organization. This makes SMBs an attractive entry point for raiding the data of a larger company. Since larger enterprises have more sophisticated security processes in place to thwart cyber-attacks, SMBs often unknowingly become a Trojan horse used by hackers to gain backdoor access to a bigger company’s data. There is malware specifically designed to use a SMBs website as a means to crack the database of a larger business partner.

For this reason, many potential clients or business partners may ask for specifics on how their data will be safeguarded before they sign an agreement. Some may require an independent security audit be conducted. They may also ask SMBs to fill out a legally binding questionnaire pertaining to their security practices.

Moving forward, a SMB that is unable to prove they’re on top of their infrastructure’s security will likely lose out on potentially significant deals and business relationships. More large enterprises are being careful to vet any business partners they’re entrusting their data to.

CLICK HERE for a free network assessment.

43

Understanding How Data Loss Happens – The Four Main Reasons

43Small business owners are often worried about data loss. Rightly so, because data loss has the potential to wipe out a business. We have identified the most common forms of data loss so you can see how they fit into your business and assess the risks related to each of these pitfalls.

1. Human Error - Human error – by way of unintentional data deletion, modification, and overwrites – has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. While virtualization and cloud computing have enabled improved business continuity planning for many businesses and organizations, humans must still instruct this technology how to perform. The complexity of these systems often presents a learning curve that can involve quite a bit of trial and error. For instance, a support engineer may accidentally overwrite the backup when they forget to power off the replication software prior to formatting volumes on the primary site. They will be sure to never do that ever again, but preventing it from happening in the first place would be more ideal.

2. File Corruption - Unintended changes to data can occur during writing, reading, storage, transmission and processing – making the data within the file inaccessible. Software failure is a leading cause of data loss and is typically the result of bugs in the code. Viruses and malware can also lead to individual data files being deleted and hard drive partitions being damaged or erased.

3. Hardware Failure - Storage devices may be at risk due to age, or they may fall victim to irreparable hard-disk failure. Viruses and hackers can also potentially shut down a hard drive by inserting undeletable malicious code and huge files via open, unprotected ports. If these malicious programs cannot be deleted, the entire hard drive may have to be reformatted, wiping out all the data.

4. Catastrophic Events/Theft - The threat of catastrophic events such as fire, flooding, lightning and power failure is always a concern. Such events can wipe out data in a millisecond with no warning. Theft is also a data loss risk that companies must address. While advances in technology like anytime/anywhere connectivity, portability and the communication/information sharing capabilities of social media and crowdsourcing have revolutionized business – the risk for theft is even greater due to this increased accessibility. More people are doing daily business on their laptop, iPad and mobile phones. They are also carrying around portable media like thumb drives, USB sticks and CDs. Physical theft of any of these devices can spell big trouble.

Data loss is as unique as the various sources from which it comes. The key is to identify the areas in which your business is weak and work towards a mitigation plan for each one of them. An MSP can act as a trusted partner in such cases, holding your hand through the process of safeguarding your data.

Prevent data loss with Cognoscape. CLICK HERE for a free network assessment.

42

Four Tips for Your Hybrid Cloud Strategy

42It should come as no surprise that many small to midsize business owners take pride in overseeing every aspect of their startup business. Naturally, many are apprehensive when it comes to surrendering control of their servers, their data, and their applications. The downside of this need for control is that operating and maintaining everything onsite can be time consuming, super expensive, and it can make your business more vulnerable to failure related downtime and cyber threats. Although everything can be stored in the cloud at a fraction of the cost, many aren’t responsive to the idea of sharing the infrastructure their technology runs on. The great thing about the cloud is it’s not an all or nothing thing. This is exactly why so many small to midsize businesses have turned to hybrid cloud solutions. Just as they name implies, hybrid cloud solutions are both on and off premises. It’s the best of both worlds. An entrepreneur can still control certain aspects of the business on-site, but simultaneously exploit the cloud’s cost effectiveness and overall scalability. For example, a local server like Windows Server 2012 can be housed and managed on-site but that server, or just specific files, can still be backed up in the cloud with Microsoft Windows Azure and stored far away off-site. This provides a partial disaster recovery solution in the event of a hurricane, flood, fire, or just a basic server crash.

Here are four tips for developing your hybrid cloud strategy:

  1. Honestly assess the current IT strategy – Over time, as your business grows and technology advances, your well-planned and neatly arranged IT infrastructure transforms into a disorganized mishmash of different servers and disconnected software and tools. View this almost as the spring-cleaning of a cluttered garage. What systems or applications are critical to your business right now and which ones no longer support your current or future business initiatives?
  1. Know what you want to keep close – Every business will be different in this regard. Certain companies will prefer keeping large files in-house, in a more controlled private cloud, for easy access but may be okay with having their emails out there in the cloud or vice versa.
  1. See how others are leveraging a hybrid cloud environment – New services once only available to large enterprises are now available to SMBs. This presents an extraordinary opportunity to be more agile, flexible, and better suited for new business opportunities and growth. Remote monitoring, 24/7 support, and disaster recovery solutions can be easily integrated within a hybrid-computing environment – regardless of operating systems, server types, or mobile devices used.
  1. Staged implementation – Be sure to plan your hybrid cloud strategy as a multi-year plan that is deployed in phases. For example, in the beginning, private controlled access to a public cloud service can be granted to internal application developers experimenting with a new business initiative. Or a new customer relations management SaaS (Software as a Service) application can be implemented.

This is the year that even small or midsize enterprises are getting serious about cloud operations and a strategic mix of public cloud services and private cloud may make the transition easier.

CLICK HERE for a free network assessment

40

What You Can Learn From U.S. Regulator’s Business Continuity & Disaster Recovery Recommendations

U.S regulators have recommended that all fu40tures and securities firms review and update their current data backup, disaster recovery, and business continuity solutions. Prompted by closures in the equities and options market in the aftermath of Hurricane Sandy, Regulators including the SEC, FINRA, and the CFTC contacted firms to assess the impact Hurricane Sandy had on their operations The regulators asked each firm for specifics regarding any backup disaster recovery (BDR) and business continuity plan (BCP) they had in place prior to Hurricane Sandy. The responses they gathered were compiled to develop a list of best practices and lessons learned. The regulators have since gone on to suggest that all firms refer to these best practices and lessons as part of reviewing and improving upon their current BDR and BCP procedures. By doing this, the regulators hope that firms will be better prepared for similar events. Regulators feel that a comprehensive BDR and business continuity strategy will help firms improve responsiveness and minimize downtime. Managed Service Providers (MSPs) have always stressed the importance of the BDR and BCP solutions they offer to small-to-medium-sized businesses. That said, it doesn’t hurt to see what government regulators recommend to those handling our money. We’ve summarized portions of the full report, addressing only the parts that we feel can easily be applied to SMBs. The full report can be read here at http://www.sec.gov/about/offices/ocie/jointobservations- bcps08072013.pdf.

Widespread Disruption Considerations

True business continuity plans go beyond technology. What is the probability of a widespread lack of telecommunications during a disaster? We’re talking no Internet and no cell phone coverage. Large-scale events can knock out power and limit our access to drinkable water and food supplies. Getting around may be complicated. Roadways might be inaccessible and fuel may be scarce. Part of being prepared for the unknown is to assess how any plausible scenario would impact day-to-day operations and services. A critical component to business continuity planning is remote access. Every employee should have the ability to efficiently work from home if a disaster strikes or blocks access to the office. If there is no power or no Internet and phone, alternatives should be defined to carry out key operations.

Alternative Location Considerations

The implications of region-wide disruptions must be factored into the location choices for backed-up data centers. Keeping backups within close proximity may seem like a smart strategy to ensure they’re readily accessible, but this does you no good if it’s a region wide disruption. When it comes to supporting business critical activities at an alternative location, what will be the site’s staffing needs? How about office space, equipment, and available resources? Printed copies of the business continuity plan, contact lists, and other business documents and manuals should also be kept at the alternate site if electronic files can’t be accessed.

Vendor Relationships

Any critical vendor relationships should also have an adequate business continuity plan, as they may be affected by the same event as you. Vendors risk ratings should be considered based on the quality of their BDR and BCP strategies.

Telecommunications Services and Technology Considerations

The telecommunications infrastructure must be enhanced. Consider secondary phone lines, backup mobile phone services with different carriers, emergency Wi-Fi spots, and cloud technology.

Review and Testing

Annual full BCP tests should be conducted. If the business continuity plan changes often, more frequent testing is recommended. All personnel should be trained for their specific role in the plan.

CLICK HERE for a free network assessment.

33

3 Steps to Improved BC/DR Planning

33Step 1 – Recognize the Need and Importance

Business continuity and disaster recovery strategies tend to be on the to-do lists of many SMBs, but they are often delayed as more urgent business issues emerge. U.S. businesses lose roughly $1.7 billion in profit each year from network outages according to the same 2011 CDW business continuity survey referenced earlier. Obviously, it isn’t smart business for an SMB to let business continuity and disaster recovery planning become an afterthought.

To structure a solid business continuity plan, SMBs must be prepared for all possible disruptions. It is important to note that business continuity goes beyond being prepared for natural or man-made disasters. We are now so technologically dependent that BC/DR plans must be in place to counter any disruption – big or small – that threatens business and profitability. Internal technical or infrastructure failures or cyber-attacks are obvious examples. Small internal “single-points-of-failure” can bring down an entire operation.

 

Step 2 – Impact Analysis and Risk Assessment

Constant availability is critical to success. In order to minimize downtime, it’s important to determine what technology is behind each phase of your business operations. Knowing the technology infrastructure of your business allows for a comprehensive impact analysis and a better grasp of the impact on business operations when specific technology fails or becomes unavailable – even for a short period of time.

Determining what could unexpectedly bring down each piece of that infrastructure is risk assessment. Risks come in the form of either internal or outside threats. Internal threats can be anything from an application failure, disk crash, and server malfunction to human error or a bitter employee. External threats can vary depending on location – natural disasters like hurricanes, earthquakes, tornados, floods, and fires, as well as man-made events like power outages, acts of terror, and accidents can knock out services. Additionally, our dependency on technology leaves firms susceptible to cyber-attacks like malware, computer viruses, phishing schemes, and the theft of personal mobile devices used for work purposes.

While major disasters do occur, and shouldn’t be overlooked, it is the smaller everyday disruptions like power outages, server crashes, email issues, equipment failure, and lost or corrupted data that pose the bigger risk to business.

Doomsday prepping may be the rage these days, but a sound BC/DR plan typically begins by focusing on addressing the day-in and day-out disruptions first. Documenting, reviewing, communicating, and testing the effectiveness of smaller response scenarios will better prepare businesses for potential disasters and longer-term disruptions.

 

Step 3 – Look to Recent Tech Trends That Simplify Planning

Recent technology developments like server and desktop virtualization, cloud computing, and mobile devices are beneficial to SMBs looking for BC/DR solutions.

Virtualization – BC/DR preparedness may be the most compelling reason to consider virtualization. Virtualization allows businesses to condense data and applications onto fewer servers – taking up less space and consuming less power. Virtualization allows small-to-medium sized businesses the benefit of high availability (HA) without the added expense of building a backup data center. Operations can be restored faster as the entire system can be brought back in a single virtual container.

Cloud Computing – More firms are moving to the cloud for backup services. The cloud has enabled small and medium sized businesses to backup operations away from their primary location and enhance their business continuity process at a reduced cost.

Cloud-based Software-as-a-Service (SaaS) packages often come with built in business continuity solutions that can automate data backup processes onsite or off-site – spreading out risks and minimizing the impact of a disaster. Data, servers, software, and tools can be stored in the cloud and remain safe if a business is hit by a computer virus or disaster. The cloud also allows remote workers to access an organization’s communication and collaboration tools, further allowing for “business as usual” in the event of a serious disruption.32

Although it is understandable that ownership and upper management at small to medium sized businesses are hesitant to spend money, BC/DR planning is a lot like insurance. It is human nature to think that bad things won’t happen to you, but the investment pays off the when you’re hit by an extreme event or emergency.

New technology trends and the back-up-as- a-service, remote backup, and online backup services provided by MSPs have given SMBs the ability to safeguard their business operations at a reasonable cost. Money and resources can no longer be an excuse for a lack of solid BC/DR solutions. There is way too much at risk. Plan now and CLICK HERE for a free network assessment.

31

Business Continuity and Disaster Recovery for Small Businesses

31As a small business owner, you owe it to yourself, your employees, stakeholders, and any customer you serve to honestly answer this one question: Is your business resilient enough to withstand short or long-term interruptions to its operations?

The answer should be immediate. If you have to pause or think for one second before responding, the answer is no. Each day of business brings with it unforeseen risk. Whether it’s catastrophic weather conditions, cyber- security threats, or the vulnerabilities of the technology we’re dependent on to perform daily work functions, there must be both a business continuity (BC) and disaster recovery (DR) plan in place. There must also be complete confidence in the effectiveness of the BC/DR strategies that are implemented.

The truth of the matter is most small-to-medium sized businesses (SMBs) aren’t doing nearly enough when it comes to continuity and disaster planning. It’s inconceivable that in this era where smaller businesses store more sensitive data than ever before, and the risk of losing this data is so great, that a 2011 Systematic survey revealed that up to 57% of small businesses still have no business continuity or disaster recovery plan in place.

A few years ago, a study conducted by Forrester Research concluded that 66% of businesses with fewer than one hundred employees admitted to having no tested response to not just tech issues like a downed server or network but disasters, emergencies, and power outages.

Let’s break down some of the potential costs of short and long-term business interruptions, why far too many SMBs don’t have a solid business continuity/recovery plan in place, and the necessary steps SMBs can take to get prepared.

 

A Competent BC/DR Strategy Is a Must

Often misconceived as a problem for the “big guys,” business continuity is a concern for businesses and organizations of all sizes – whether there are 5 or 5,000 employees. The costs of having no solutions in place are too high for many smaller companies to rebound from.

Several hours of unplanned downtime can result in thousands of dollars lost each hour. That’s the kind disruption a small business may face from a shorter-duration tech issue or power outage. Imagine the consequences of longer lasting outages, where a business may be down for days or weeks, as seen in natural disasters like Hurricane Sandy and Hurricane Katrina, or acts of terror like the 2001 World Trade Center attack.

Beyond the immediate tangible costs of outages like lost productivity and revenues, there is also an intangible domino effect that may be harder to quantify. The repercussions can greatly exacerbate the total losses over time, for instance:

  • Customers/Clients Jumping to a Competitor: The web hosting company1&1 Internet, Inc. reported that 72% ofweb users admit to abandoning a businessfor a competitor if they can’t instantlyaccess a company website or encounternumerous error messages, problemsplacing an order, or issues accessing onlinefeatures/support. People want immediategratification today and will take theirdollars elsewhere if they don’t get it.Even more alarming is the fact that 58%are likely to never return, which meansthe loss of long-term revenue streams.Perhaps they may be more forgiving inthe event of a crisis like a natural disasterbut there will still be those who go to acompetitor and never come back.
  • Word-of-Mouth/Negative Brand Reputation: Thanks to the power of socialmedia, those frustrated by instances ofdowntime will take to Facebook or Twitterto quickly spread their vitriol. Brandbuilding and reputation managementare critical to small businesses. Anynegative attention and publicity broughton by downtime can have long lasting consequences.
  • Disgruntled Employees: In small companies or organizations, the burden of troubleshooting recurring tech issues or getting a system back online will typically fall upon the shoulders of an already busy, possibly overworked, employee. This multi-tasking employee will have to sacrifice bigger priorities to constantly play damage control. He or she will sometimes have to do this outside of normal work hours and may be pulled away from projects that generate revenue. If they aren’t happy about this, they may seek employment elsewhere. Both high turnover and the inability to use an employee’s knowledge and skill set for revenue generating tasks are costly to small-to-medium sized businesses.

Too Many SMBs Aren’t Prioritizing BC/DR Plans

Businesses are fueled by information. They are defined by their ability to efficiently and safely handle the data and vital information they generate or process on a daily basis. It is this data that keeps their day-to-day business functioning, ensuring optimal customer service and interaction. While protecting data is a priority for large enterprises, small-to-midsize business owners have the same responsibility but are challenged by limited budgets. For a start-up, the entire focus must be customer-facing, with few resources directed at anything not driving short-term revenues.

This means far too many SMBs today are failing to employ some very basic safeguards to ensure BC/DR.

A September 2011 CDW Business Continuity Straw Poll suggested that 82% of U.S. service disruptions could be reduced or altogether eliminated by even the most basic BC/DR plan. So why aren’t more SMBs taking these precautions?

  • Failure to Recognize a Problem: Most SMBs don’t think about business continuity or disaster recovery until it’s too late and they’re scrambling to recover after being taken down. It’s ironic since so much focus goes into keeping a business sustainable by growing sales, or outdoing the competition, yet a vital part of “staying in business” is overlooked when it comes to their supporting technology.
  • Intimidating and Complex Planning Tools: SMBs looking to streamline costsand simplify procedures will sometimeswrite off BC/DR practices as unnecessary.Those who do recognize the importanceof preparedness are often overwhelmedby the complex technical jargon thataccompanies business continuity planningand don’t know where to begin when theyhear terms like “business impact analysis”and “risk assessments.”
  • They Feel as if They Can’t Afford It and They’re On Their Own: Decision-makers may know they’re living on theedge without a tested strategy, however,they don’t realize that new technologytrends, and the availability of productslike managed service providers (MSPs),can reduce costs and save on resources.MSPs can leverage their knowledge of anSMB’s specific needs with the numerouscloud and hosted backup and recoverytools currently available today.

Create a plan. CLICK HERE for a free network assessment.

 

27

8 Cold Hard Truths for SMBs Not Worried About Disaster Recovery and Business Continuity

27The foundation of any successful business continuity solution is the ability to retrieve data from any point in time from anywhere. When the topic of data recovery and business continuity comes up, you get the feeling that many decision makers at smaller businesses and organizations wish they could channel their inner six year old, simply cover their ears, and sing “La, la, la. I Can’t Hear You. I’m Not Listening.” Everybody things bad things only happen to other people. Just because we hear about a fatal car accident on the morning news, doesn’t mean we fixate on that news when we ourselves get into a car and drive to work. So no matter how many times the owner or CIO of a small to midsize business (SMB) hears of other small businesses being crippled by hurricanes, tornados, fires, or flooding, they aren’t necessarily overcome with fear to the point that they feel an urgency to take action. Sure, they may think about backup and data recovery solutions a little more that day, but not enough to initiate immediate change or reverse a lenient approach to their processes. If you fall into this category, here are eight cold hard truths to consider

  1. It isn’t natural disasters or catastrophic losses like fires that take down small businesses but something far more sinister – malware. Cyber attacks through malware have grown exponentially in the past four years. Malware is hitting everything from PCs to Macs to mobile devices and it’s inflicting damage.
  2. Over half of the small businesses in the U.S. have experienced disruptions in day-to-day business operations. 81% of these incidents have led to downtime that has lasted anywhere from one to three days.
  3. According to data compiled by the Hughes Marketing Group, 90% of companies employing less than 100 people spend fewer than eight hours a month on their business continuity plan.
  4. 80% of businesses that have experienced a major disaster are out of business within three years. Meanwhile, 40% of businesses impacted by critical IT failure cease operations within one year. 44% of businesses ravaged by a fire fail to ever reopen, and only 33% of those that do reopen survive any longer than three years.
  5. Disaster recovery solution providers estimate that 60% to 70% of all business disruptions originate internally – most likely due to hardware or software failure or human error.
  6. 93% of businesses unable to access their data center for ten or more days filed for bankruptcy within twelve months of the incident.
  7. In the United States alone, there are over 140,000 hard drive crashes each week.
  8. 34% of SMBs never test their backup and recovery solutions – of those who do, over 75% found holes and failures in their strategies.

It’s critical that small businesses review their backup and disaster recovery processes and take business continuity seriously. Given the vulnerabilities associated with the cloud and workforce mobility, the risk of critical data loss today is quite serious and firms must be truly prepared for the unexpected.

CLICK HERE for a free network assessment.

25

Stay Secure My Friend… More Hackers Targeting SMBs

Many SMBs don’t realize it, but the path to some grand cybercrime score of a lifetime may go right through their backdoor.  SMBs are commonly vendors, suppliers, or service providers who work with much larger enterprises. Unfortunately, they may be unaware that this makes them a prime target for hackers. Worse yet, this may be costing them new business.

Larger companies likely have their security game in check, making it difficult for hackers to crack their data. They have both the financial resources and staffing power to stay on top of security practices. But smaller firms continue to lag when it comes to security. In many cases, the gateway to accessing a large company’s info and data is through the smaller company working with them. Exposed vulnerabilities in security can lead cybercriminals right to the larger corporation they’ve been after.

25Cybercriminals Target Companies with 250 or Fewer Employees

In 2012, Symantec research confirmed that cybercriminals are increasingly targeting smaller businesses with 250 or fewer employees. Attacks aimed at this demographic practically doubled from the previous year. This news has made larger enterprises particularly careful about whom they do business with. This means that any SMB targeting high-end B2B clientele, or those seeking partnerships with large public or government entities, must be prepared to accurately answer questions pertaining to security. This requires an honest assessment of the processes taken to limit security risks.

View Security Measures as Investments

CIOs must start viewing any extra investment to enhance security as a competitive differentiator in attracting new business. Adopting the kind of security measures that large enterprises seek from third-party partners they agree to work with will inevitably pay off. The payoff will come by way of new revenue-generating business contracts that will likely surpass whatever was spent to improve security.

Would-be business partners have likely already asked for specifics about protecting the integrity of their data.  Some larger entities require that SMBs complete a questionnaire addressing their security concerns. This kind of documentation can be legally binding so it’s important that answers aren’t fudged just to land new business. If you can’t answer “yes” to any question about security, find out what it takes to address that particular security concern.

Where a Managed Service Provider Comes In

Anyone who isn’t yet working with a Managed Service Provider (MSP) should consider it. First, a manual network and security assessment offers a third-party perspective that will uncover any potential business-killing security risks. A good MSP will produce a branded risk report to help you gain the confidence of prospects to win new business.

A MSP can properly manage key elements of a small company’s security plan. This includes administrative controls like documentation, security awareness training, and audits as well as technical controls like antivirus software, firewalls, patches, and intrusion prevention. Good management alone can eliminate most security vulnerabilities and improve security.

Stay secure and CLICK HERE for a free network assessment. Managed IT could prevent a security breach.