Can Your Business Afford Downtime?

Calculate the True Cost of Downtime

According to the Aberdeen Group, a business intelligence research firm, downtime is costing companies 65% more per hour these days than just two years ago. 2012 data calculated downtime costs at the $165,000 mark compared to the $100,000 of 2010.

According to Symantec’s 2011 SMB Disaster Preparedness Survey, small businesses lose an average of $3,000 each day from owned systems and networks. Medium sized businesses bleed even more money, losing an average of $23,000 each day. 8

C-Suite management at SMBs must consider both the direct and indirect costs of downtime. Direct costs are:

  • Wasted wages paid to idle employees
  • Sales lost during the outages
  • The expensive emergency service/repair bill issued by the on-call IT technician brought in to get your business back up and running.

Indirect costs, such as lost customers who have moved on after one too many “Our server is down” messages, are more difficult to quantify but more costly – equating to roughly 62% of all network downtime costs. A specific dollar amount cannot be placed on lost productivity, the long-term consequences of damaged reputation and wasted opportunities that accompany each downtime event.

This is why Chief Information Officers (CIOs) and IT support alike don’t have the visibility or insight to understand what the average downtime event truly costs them. The residual effects of a network outage are typically much more costly than costs related to identifying the root cause of the failure and repairing or replacing any physical hardware.

But so many C-level executives remain mindful of only what downtime costs them in terms of repair or replacement costs. They also tend to gloss over the fact that their day-to-day business processes are more susceptible to outages and inaccessible data than they think.

CLICK HERE for a free network assessment.

Breach at eBay – Change Your Password Now

The following article is from krebsonsecurity.com

“eBay is asking users to pick new passwords following a data breach earlier this year that exposed the personal information of an untold number of the auction giant’s 145 million customers.

In a blog post published this morning, eBay said it had “no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.”

Assisted by federal investigators, eBay determined that the intrusion happened in late February and early march, after a “small number of employee log-in credentials” that allowed attackers access to eBay’s corporate network were compromised. The company said the information compromised included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. eBay also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users.

The company said it will begin pushing out emails today asking customers to change their passwords. eBay has not said what type of encryption it used to protect customer passwords, but it previous breaches are any indication, the attackers are probably hard at work trying to crack them.

If you’re an eBay user, don’t wait for the email; change your password now, and make it a good one. Most importantly, don’t re-use your eBay or PayPal password elsewhere. If you did that prior to today, it’s a good idea to change that password to something unique at the other sites that shared it. And be extra wary of phishing emails that spoof eBay and PayPal and ask you to click on some link or download some security tool; attackers are likely to capitalize on this incident to spread malware and to hijack accounts.

eBay and PayPal users who haven’t already done so should consider using the PayPal Security Key, a two-factor authentication solution that can be used to add for additional security on both sites.”

With as many breaches occurring in only the first half of 2014, the necessity for internet and information security is at an all time high. SMBs and healthcare providers dealing with sensitive information need to protect this info from security breaches and potential data loss as a result. CLICK HERE to sign up for a security audit.

Five Ways SMBs Can Minimize Data Loss

  1. Enforce Data Security – This is more or less the managing of the “human factor.” CIOs and those in SMB management roles must communicate data protection policies to staff and ensure their implementation. Rules must be set, particularly with personal devices, to enforce security policies. It can be as simple as sending reminders to not open email attachments from unknown sources, requiring passwords be reset every few months or the banning of specific file sharing or social networking sites. In May of 2012, security concerns led to over 400,000 IBM employees being banned from using the cloud storage service Dropbox and Siri – the iPhone personal assistant. While far from an SMB, if IBM can go that far and make such a demand to so many employees, an insurance agent can certainly remind his or her marketing representative to not play Farmville on Facebook if they’re using a laptop containing company and customer/client data.
  2. Stress the consequences – both personal and business – of not properly protecting confidential data. Encourage employees to make passwords difficult to crack. Patch holes in the infrastructure’s walls by identifying the most critical data. Perhaps a trusted IT advisor can help implement processes to better protect that data’s security perimeters.
  3. Mobile Device Management – Mobile Device Management grants SMBs a semblance of control over the mobile devices used within the company. Devices tapping into company system are identified and remotely monitored and managed 24/7. More importantly, they are proactively secured via specified password policies, encryption settings, and automated compliance actions. Lost or stolen devices can be located and either locked or stripped of all SMB-related data.
  4. Snapshots – Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizeable chunks of data may not be stored in the backup and be unavailable in the event of a full restore. This can be avoided by backing up critical data as snapshots, which are read-only copies of data frozen to a specific point in time and stored using minimal disk space. These virtual snapshots are immediately available for restores in the event of data loss.
  5. Cloud Replication and Disaster Recovery Services – The cloud provides SMBs who consider data backup to be too costly, time consuming and complex with a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

6

CLICK HERE for a free network assessment.

Data Security Threats Every SMB Must Be Aware of

Human Error and Employee Negligence

1 Human error, by way of unintentional data deletion, modification, and overwrites, has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. Virtualization and cloud computing have enabled improved business continuity by allowing entire servers – including all data, operating systems, applications, and patches to be grouped into one software bundle or virtual server and subsequently backed up. The catch is humans must still instruct this technology how to perform, which is why so much of today’s data loss is linked to human error. The complexity of these systems often presents a learning curve that involves quite a bit of trial by error. For example, a support engineer can accidentally overwrite his backup when he forgets to power off his replication software prior to formatting volumes on the primary site.

While most CIOs at SMBs are generally accepting and understanding that mistakes happen, they must be more stringent when it comes to managing risky negligent employee behaviors in this era of mobility and accessibility. Employee negligence puts a company or organization’s critical business data at risk of being stolen by cybercriminals or malicious employees. Examples of this negligent behavior include:

  • Leaving computer systems unattended
  • Weak passwords (“password” or “12345”) or passwords that aren’t frequently changed
  • Opening email attachments or clicking hyperlinks embedded with spam
  • Visiting restricted websites

5 Employee Mobility & Data Exposure

In the modern-day BYOD workplace, more people are doing daily business on their personal laptops, iPads and Blackberrys. They are also carrying around portable media like thumb drives, USB sticks and CDs.

These devices are not always backed up or secured by IT administrators. There is not only the potential for these devices to be lost or stolen but there is also a very high probability that employees using them are also accessing personal email, downloading music, browsing the web, playing games and hanging out on Facebook. This makes sensitive data susceptible to malware, viruses and hackers. All of this substantially ups the likelihood of data loss incidents.

Prevent data loss. CLICK HERE for a free network assessment.

Decreasing Business Costs and Risks of Costly Data Loss

4 We live in a 24/7 global economy that is more dependent than ever on technology. Even the technology of small and medium sized businesses (SMBs) houses sensitive digital data – employee and customer information, internal emails, documents and financial records, sales orders and transaction histories. Not to mention applications and programs critical to daily business function and services. Employees at SMBs require continuous access to the critical business data needed to meet the demands of the customers or clients they service. They even want this access while they’re at home or on the go running errands. To satisfy this demand, many companies and organizations now allow employees to BYOD (Bring-Your-Own-Device) and “do business” using their personal laptops, tablets and mobile phones. The web, Wi-Fi networks and mobile devices with robust memory and battery life have made this constant access to a SMBs back office infrastructure a reality. Regrettably this flexibility and freedom is accompanied by an ominous risk of data loss.

Just a single data loss or breach can be costly to SMBs. Data losses and leaks come with lingering continuous costs that many SMBs cannot easily shake or overcome. Revenue is lost if employee productivity and customer accessibility/service are stalled by data loss. The expenses associated with internal research and investigation, system repair and maintenance, and data security protection are another heavy price SMBs must pay. If cybercrime is involved, affected customers must be notified, the potential exists for litigation, and many customers will likely never return due to mistrust.

While corporate-level data losses are well publicized, many SMBs mistakenly believe their data isn’t at risk. This mistake can prove to be a costly one.

3 Why C-Suite Management at SMBs Can No Longer Ignore Data Loss

  • Following a significant data loss, it is estimated that SMBs can lose up to 25% in daily revenue by the end of the first week.
  • According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss, and prolonged downtime for ten or more days have filed for bankruptcy within twelve months of the incident. 50% wasted no time and filed for bankruptcy immediately. 43% of companies with no data recovery and business continuity plan actually go out of business following a major data loss. How quickly can your business be restored if critical data is lost? When was the last time backup processes were tested to ensure all data is recoverable and business operations are quickly restored?
  • A survey conducted by Symantec SMB revealed that fewer than half of SMBs surveyed backup their data each week. Only 23% of those surveyed said they backup data every day and have a business continuity plan in place.
  • The percentage of cybercriminal attacks targeting businesses with fewer than 250 employees doubled in 2012. The vulnerabilities of naïve small business owners have been noted, and hackers have now placed the proverbial bull’s-eye on these perceived weak links.

If sensitive customer data is leaked, SMBs may face overwhelming financial liabilities, which could include reimbursing affected customers and legal fees.

2

Businesses today are playing on a much bigger playing field than they were two decades ago. Any SMB that trusts the security and backup of critical business data with a limited and overburdened in-house IT team, or forsakes internal IT support altogether for emergency on-call help when things go bad (Break/Fix Mentality), is playing with fire and begging to be burned.

Any disruptive or invasive technological event – even the smallest of incidents – can have an amplified impact on day-to-day business and profitability. Being proactive with data recovery solutions, and having emergency response procedures in place prior to a disruption or data disaster, is the only way to get critical data restored immediately to the data center, minimize downtime, protect customer and client data and soften the impact of such events.

Don’t let this happen to you. CLICK HERE for a free network assessment.

Cognoscape talk on the news about XP and Heartbleed security issues!

Cognoscape Security Services

Click on Video

An apparent security flaw found on most websites is allowing hackers to use the Heartbleed virus to breach private information — including your emails, passwords, and credit card numbers.

5 Things SMBs Can Do Right Now To Preserve Their Network and Systems

5 Things SMBs can do jpeg

1 Backup Files Every Day – The number of businesses that never backup their network is astonishing. According to the Symantec SMB data, only 23% of SMBs are backing up their data daily. Fewer than 50% are backing up data weekly. A number of events can result in data loss. The importance of frequently backing up your network cannot be overstated.

2 Ensure Backup Procedures Are Checked Regularly – Many times business owners think they have a backup system in place only to find out when its too late that it hasn’t been working properly. It may seem like files are being backed up daily, however, the backup has become corrupt or huge chunks of critical data aren’t backed up. Check backup procedures regularly to make sure they are working properly. Be sure that ALL data can be recovered. In this age of BYOD (Bring-Your-Own-Devices) it is also important to frequently backup data on the personal laptops, iPads or Blackberrys of employees.

3 Make Sure Updated Virus Protection and Firewalls Are Always Enabled – Far too many companies either have no virus protection software installed, expired virus software licenses, or disabled virus programs that aren’t running at all. This makes their business technology vulnerable to virus attacks from emails, spam, data downloads, and other web sites. Files corrupted by a virus won’t only bring down your network but if the virus is somehow spread to customers and e-mail contacts it’s a surefire way damage your reputation as well. Roughly 40% of small-to-medium sized businesses will have their network compromised by a hacker. Chances are, they will have no clue whatsoever that they were attacked. Hackers look online for unprotected and open ports and then infiltrate whatever space they can with malicious code and files. If this malicious code cannot be removed, the hard drive will have to be reformatted and all files could potentially be lost. This is another reason why file backup is so critical in today’s business world. Updating critical security patches and changing passwords on the departure of employees are also necessary to deter hacking attempts.

4 Monitor Server Drives – Dangerously full server drives can bring on a slew of problems, ranging from program and server crashes to sluggish email delivery. Some proactive monitoring and maintenance of the server can spare businesses a lot of problems down the road. 5 Regularly Check Critical Built-In Logs – Very few tech problems emerge suddenly overnight. They typically progress and worsen over time into a more serious problem. Frequently reviewing the critical built-in log files can often indicate something is amiss before it becomes a major problem that wrecks havoc on your business infrastructure.

The Benefit of Managed Cloud Migration for SMBs

Cloud migration jpeg

Many SMBs today are turning to cloud- based services and virtualized backup solutions as a means to mitigate downtime and recover from network failures and outages. Virtualization and cloud computing have enabled cost- efficient improved business continuity by allowing entire servers to be grouped into one software bundle or virtual server – this includes all data, operating systems, applications, and patches. This simplifies the backup process and allows for quick data restoration when needed. But migrating to the cloud or a virtualization infrastructure must also be handled with care as these new technologies still pose significant risk.

While virtual resources and hosted services reduce overall business technology expenses and improve availability, “managed cloud migration” allows for a gradual integration of a company or organization’s IT infrastructure and virtual data center to the cloud. This can alleviate many of the security and privacy fears that come with moving to a shared space while offering a more varied approach to recovery processes with more customization and control.

Security Risk! Windows XP And Office 2003 Pose A Dangerous Threat To Your Business.

XP security alert

Security Alert for Windows XP. If you’re using Windows XP or Office 2003 you only have until April 8th before hackers may attack.

 

 

As a Microsoft Certified Partner, Cognoscape LLC, a Dallas based IT Security Company, would like you to know that you may very well be at risk of serious cyber attacks. Microsoft has announced that it will stop support for the XP operating system and Office 2003 software suite on April 8, 2014. Your entire business will be exposed to serious cyber attacks that can take control of your network, steal data, crash your system, and cripple your business. Many companies that we meet with don’t think they still have XP in their environment. However, what we have seen time and time again after a network review is that we typically find instances where XP still exist on their network. Postage machines, machines set up for printers, work-group machines etc. are all examples of possible security risk in a companies defense. The code has already been written… hackers are lining up right now waiting just waiting for the date.

You Must Migrate from XP and Office 2003 Before April 8, 2014. By law, all medical and financial service companies must upgrade any and all of their computer systems running XP or Office 2003. Firewalls and anti-virus software won’t protect you. According to Tim Rains, Director of Microsoft Trustworthy Computing: “XP has been a beloved operating system for millions and millions of people around the world, but after 12 years of service it simply can’t mitigate the threats we’re seeing modern-day attackers use.”—USA Today. Cognoscape, Dallas area IT Services company is offering area businesses a complimentary Security Audit. We will provide you with a comprehensive executive report detailing possible security risks and advice and recommendations on how to fix them. CLICK HERE to sign up for your Security Audit. 

Can You Really Afford the Status Quo?

Status Quo jpeg A successful SMB must align its technology and business initiatives. Constant employee productivity must be maintained to meet the needs and expectations of customers. To successfully do this, an honest assessment of risk is necessary. Regrettably, many SMB owners or management teams remain in state of denial that mismanaged technology has any serious consequences on their business. Meanwhile, it is costing them every day!

According to Symantec SMB, 50% of SMBs admit to having no backup and disaster recovery plan in place. Forty-one percent of those surveyed confessed that they had never even given much thought to implementing a disaster recovery or business continuity plan.

Every day SMBs are gambling with the lifeline of their business. Some may know they’re playing with fire but budget limitations may prevent SMBs from hiring adequate internal IT support. Often, the IT support that is on payroll is overburdened and stuck in a constant reactive mode where they spend their days resolving issues that are already hindering productivity and service. They can never break this cycle to get to a point where they’re actually proactively approaching things.

This same “break/fix” mentality is also the reason why many SMBs aren’t hiring in-house IT support. They instead phone in expensive “as needed” emergency IT support when issues arise. There are so many smaller businesses and organizations needlessly bleeding money every day by subjecting themselves to the high hourly rates, service charges, trip fees and wait times of on-call IT support.

This is the status quo. Management cuts corners because they either feel they have no choice given today’s economy or they’re completely ignorant to the daily revenue being lost by mismanaged business technology. Some know this will prove to be a costly mistake but they have no real vision to what it is already costing them every day.

Many SMBs don’t have a healthy fear of technology failure. Nor do they spend much time thinking about the true return on their IT investment. SMBs must ask themselves a few questions to determine if their business can really afford the “status quo.”

  • How often is employee productivity and customer accessibility or service stalled each day from a downed network or system? ƒ How much downtime can your business truly afford and what kind of backup or recovery solutions are in effect when systems are unavailable?
  • What level of IT support can be accessed? Can it be accessed quickly enough to minimize damage? Are you confident that your business can either be back online or be able to access lost data with minimal disruption no matter what?
  • Is your most critical data frequently backed up? Is the data on the personal laptops, iPads or Blackberrys of employees backed up? Are all backups stored in a location off-site and quickly accessible in the event of theft, fire or flooding? Are you using any custom installed software and is the supplier still in business should this software need to be reinstalled or updated? Are account details, licensing agreements, and security settings somewhere on record?
  • Are your systems truly protected from theft, hackers, and viruses? Are passwords to sensitive data changed whenever employees leave the company or organization?
  • When was the last time you tested backup processes to ensure they are working properly? How quick were you back up?