Posts

Five Tips to Safe BYOD for SMBs

  1. Create a Mobile Device Policy and Enforce It

Don’t be afraid to spell out what employees are expected to do – and not do – with their mobile devices. It’s important to remember you aren’t only managing devices but people as well. This is where you define acceptable and unacceptable behaviors and make it clear that there will be no exceptions.

Clearly define what types of devices are allowed. While you want to support a mix of the devices employees are most likely to carry, a line has to be drawn somewhere to prevent things from becoming unmanageable. No company, especially a small one, needs to open up things to 30 mobile devices. Minimum standards for device age and capabilities should be set. Newer technology will obviously have better security features. For instance, anything before the iPhone 3G will not permit device-level encryption.

Every policy should address acceptable personal device use when it comes to webbrowsing, app downloads/usage, public Wi-Fi protocol, and data transmission/storage guidelines.

  1. Keep Devices Lock & Password Protected

Your employees are using devices they take with them everywhere. You have no idea where they are at any given moment of the day. More importantly, you can only hope that their mobile device is either with them or stored away safely. Devices that aren’t password protected, which are left out in the open unattended, pose a huge risk.

Keep in mind that 46% of people who use their mobile device for work admit to letting others use it from time to time. Many devices have free built-in security controls such as locked screens, the ability to remotely wipe out the device after multiple successive failed authentication attempts, and even GPS trackability.

Passwords should be strong and frequently updated. Employees should also be advised to not keep written passwords lying around.

  1. Immediately Disconnect Terminated Employees or Voluntary Leaves

Be sure to remotely wipe company data from the personal device of any employee who is terminated or voluntarily leavesthe company. Ideally, this data should be retrieved. This is one reason a SMBs mobile device policy must address where employees are to edit and save files. Many SMBs these days require all files to be shared, edited, and saved on Cloudbased software like Dropbox.

  1. Use Available Encryption Technologies

Business critical files, folders, and hard drives should be encrypted for reliable protection against unauthorized access. Encryption prevents sensitive data from being read by potential hackers as content is transferred to and from mobile devices.21

  1. Use a Mobile Device Management (MDM) Solution

MDM solutions are a cost-effective means to ensure that any mobile device accessing their network is identified, controlled, and monitored. This method of centralized management makes it easy to configure devices for enterprise access, stipulates password policy and encryption settings, locates and remotely clears and locks any lost or stolen device, automates security updates, and proactively identifies and resolves device or app issues.

CLICK HERE for a free network assessment.

 

 

Embracing the Age of Mobility & the BYOD Workplace

15In today’s always-connected world, the time-honored separation of work and personal time is quickly disappearing. Mobile devices such as laptops, netbooks, tablets, and smartphones have fundamentally changed how all of us live and work.

With work no longer confined to a physical office space, or limited to traditional business hours, we’ve created an increasingly mobile and dispersed workforce capable of working anywhere at any time. 3 out of 5 workers today no longer believe an office presence is necessary for a productive day’s work. By 2015, the IDC estimates the U.S. will have over 200 million people working remotely.

By now, it’s obvious that BYOD (Bring- Your-Own-Device) isn’t just another buzz-worthy acronym or a workplace trend that will eventually fade; it’s part of the complete restructuring of the conventional way we’ve worked up to this point. There is simply no going back to the way we were. With or without company approval, employees prefer working from devices they own and are most comfortable with, meaning it’s out with yesterday’s loud, clunky and slow in-office desktop PCs and in with today’s feature-rich, on-the-go, employee-owned mobile devices.

Although many small-to-midsize businesses (SMBs) have fully embraced BYOD for its countless benefits, this proliferation of employee-owned devices accessing company databases, files, and email servers is unprecedented. It is also risky because it increases vulnerability to security breaches and data loss.

Which raises the question: are workplaces today responsibly ushering in BYOD with safety, security, and long-term adaptability in mind?

THE MAINSTREAMING OF BYOD

It’s hard to believe that just a decade ago work mobility was practically nonexistent. We worked from cubicle farms with workstations and desktop PCs straight out of the movie Office Space. The office was our only access to the company network. Select employees might be provided with company-issued laptops with pre-loaded software useful for work. Perhaps they’d be trusted with FTP (File Transfer Protocol) privileges to access and transfer files to the server. Cell phones were actually just phones.

Even when BlackBerrys were introduced to the business world, allowing people to use a mobile handheld device to access their work email and manage their schedule for the very first time, the BlackBerry Enterprise Server made it easy for IT departments to configure and manage the device. BlackBerrys eventually gave way to iPhones and Androids. Laptops eventually gave way to iPads and tablets that combined laptop usability with smartphone portability. Meanwhile, the number of public Wi- Fi hotspots grew, making employees eager to access their company network and work files from just about anywhere through their mobile device.

Today, BYOD has become the “new normal”. A recent poll of 1,021 small business owners in the United States found that 68% allowed employees to use personal devices for work. 79% of CIOs at businesses who aren’t encouraging BYOD believe employees access their network with unauthorized personal devices every day.

Initial resistance to the BYOD movement has proven to be futile. Gartner, a technology research firm, predicts that 90% of businesses and organizations will support the use of personal devices for work purposes by the end of 2014.

And it certainly seems that more business owners today are seeing the upside of BYOD, which include…

Increased Production

On average, it has been approximated that businesses gain 9 additional hours of productivity per week when employees use personal devices.

Improved Service

The benefits of this increased production and greater flexibility naturally extend to clients and customers since mobility allows workers to resolve escalated issues or almost instantly reply to inquiries outside of normal work hours. It is common these days to receive an email response after 5pm with a “Sent from my iPhone” tagline at the bottom.

Reduced Costs

Transferring IT hardware and equipment expenses to employees can save SMBs significant money. A study conducted by Cisco’s Internet Business Solutions projected that U.S. companies utilizing BYOD can save up to $3,150 per employee each year. Additionally, since consumers are drawn to the freshest technology, and the latest upgrade to their device of choice, businesses no longer have to budget to continually upgrade to keep up with technological advances.

In 2013, telecommunications and information technology service provider Cbeyond, Inc. conducted a blind survey of 711 C-level executives of firms with fewer than 250 employees. Their findings revealed that not only is BYOD more widely accepted today, but mobile devices have also become critical to day-to-day operations and essential to meeting business objectives. Many acknowledged that it would be a challenge to do business today otherwise. A fair share of executives felt their business couldn’t survive without mobile device usage.20

One troubling aspect of the aforementioned report is 32% of the surveyed SMBs aren’t sure if their data is adequately protected. While they acknowledge that BYOD puts their organization at risk, just 22% of SMBs currently have a comprehensive BYOD policy in place to address mobile device usage and define data privileges extended to personal devices.

Here are a few reasons this sets a dangerous precedent.

  • Nearly a third of employees use more than one mobile device during a typical workday. It’s critical that organizations, especially small businesses, know whatdevices are accessing their network and whom they belong to.
  • With the existence of public Wi-Fi hotspots at coffee shops, restaurants, hotels, convention centers, trains, and airports, inadequately secured mobile devices are constantly exposed to hackers monitoring traffic on open networks. According to data compiled by the Ponemon Institute, 59% of organizations have experienced a rise in malware infections linked to insecure mobile devices.
  • BYOD makes SMBs increasingly susceptible to costly data breaches with 38% of these breaches occurring as the result of lost or stolen mobile devices. Verizon Business has estimated that 174 million records have been stolen in 855 data breaches linked to smartphones and tablets.
  • There are more than 500,000 apps in the Apple App Store. The Android Marketplace has over 200,000 apps. The security controls in place to evaluate the safety of these applications are suspect and some apps having phishing screens, hidden spyware, and malware. This means the apps or clients being used to access enterprise content could put your data at risk.

The adoption of BYOD can be beneficial to small businesses but it shouldn’tcompromise company or customer data. Developing a comprehensive BYOD policy minimizes risk while still granting full (and secure) access to the files and applications your employees need, regardless of where they are.

CLICK HERE for a free network assessment.

Office 365 vs Google Apps

OFFICE 365 – A HISTORY

Prior to Office 365’s introduction, many businesses were migrating to the cloud-based Google Apps for Business. Microsoft was starting to be perceived as the old stalwart when it came to business email and communications software. Meanwhile, Google was garnering a reputation as the young upstart in the industry.

Since Google was fully utilizing the cloud, small businesses and organizations were turning to Google Apps for Business to eliminate the need for an on-site server and to facilitate communications and sharing among an increasingly dispersed workforce in the BYOD (Bring-Your-Own- Device) era.

This meant that many businesses were bypassing the expensive licenses of the Office desktop suite for the more mobile and affordable Google Apps for Business. “Send us a Word attachment” suddenly became “Put that in a Google Doc and share it with us on the Google Drive.”

Rather than lose a share of their marketplace to a competitor, Microsoft opted to introduce a cloud-based suite of their own targeting enterprise customers, small businesses, non-profits and the education market, all of whom were being priced out of the desktop Office 2013 suite.

After several missteps, Office 365 was introduced. Here are the four key components that make up Office 365’s cloud-based services

 Capture2

THE DISTINCTION BETWEEN OFFICE 365 & GOOGLE APPS

You’ll note different names, yet very similar capabilities, during a quick side-by-side comparison of Microsoft Office 365 and Google Apps for Business. This is because Google basically developed their software to be cloud-based replicas of the already established enterprise-grade Microsoft Office products. The following table is a breakdown of each comparable function between Office 365 and Google Apps.Capture3

Despite the old adage of “Imitation is the sincerest form of flattery,” Microsoft versions have been around for quite some time and are much more refined than Google’s offerings. For instance, while many appreciate the simplicity of Gmail for personal use, a much larger percentage of workers are likely to be more familiar with Outlook for business email. When it comes to note taking, OneNote has advanced capabilities and better integration with other programs than Google Keep. Anyone who has ever used Google Docs has likely experienced formatting nuisances and understands that the software’s format and layout options aren’t always WYSIWYG (What You See is What You Get).

EIGHT SIMPLE REASONS SMBs ARE CHOOSING OFFICE 365

  1. Ensured Privacy and Better Security

Whenever cloud migration is suggested, security is one of the first subjects to come up, as many SMBs fear their data is less secure in the cloud. However, only a very small number of security breaches have been linked to data stored in the cloud. In fact, the cloud offers SMBs a level of consistently updated security that many otherwise can’t afford. Here are a few ways Office 365 keeps your business information private and secure:

  • Not only does the data reside in a well-secured state-of-the-art data center, but data encryption and frequently updated antivirus and spam protection also offer greater protection.
  • Microsoft’s privacy policy states your data WILL NOT be scanned and given or sold to third parties. In contrast, Google’s Privacy Policy states that any data they collect CAN BE used for advertising purposes. Make no mistake about it; Google’s cash cow is Google Ads. Google crawls your data in search of specific keywords to trigger ads from paid advertisers. It’s important to read all fine print as many businesses, particularly those that must adhere to HIPAA regulations, may run into a compliance conflict with Google Apps. Office 365 protects against data crawling and adheres to its privacy standards at no additional cost beyond its base price.
  • Microsoft provides detailed documentation on their privacy policy and security measures.
  • Microsoft has long been regarded as one of the most cooperative cloud-service providers when it comes to signing a liability agreement committing to HIPAA compliance.
  1. Work from Anywhere at Anytime

Although Google has enhanced its capabilities offline, there are still limitations to its offline app. Meanwhile, Office 365 allows users to access documents, spreadsheets, Outlook, etc. from virtually any device with a Wi-Fi connection and a web browser. Here are a few reasons Office 365 is strengthening productivity.

  • In addition to the web-browser based Office suite, most Office 365 plans include desktop installations of Microsoft’s software for up to 5 PCS/Macs per user. The standard Small Business package is the one exception. Otherwise, anyone who needs to create, review or edit documents without a Wi-Fi connection can still get work finished using software installed on his or her laptop or Macbook.
  • Office 365 offers a consistent experience across online and offline platforms regardless of the device used.11
  1. Ease of Use Both Online and Offline

Office 365 users can get started immediately with a minimal learning curve because Microsoft’s products are widely recognized and have been used in workplaces and homes for decades. The same tailored experience is applied across all platforms – mobile, online and desktop applications. Anyone that has already used Microsoft Outlook and desktop Office has an instant familiarity with the products that should help them smoothly transition to the cloud.

  1. Effective Integrated Solutions

Familiarity goes a long way and morepeople are proficient at using the Microsoftsoftware than its competitors. The cloudenhances the Microsoft Office Desktopsuite experience because it facilitatesgreater collaboration. Office 365 allowsSMBs to:

  • See real-time presence and calendar availability
  • Initiate a web conference within Office applications or Outlook, Sharepoint or Lync

Google on the other hand relies on third parties for features like video conferencing and many of its core services.

  1. A Uniform Look Regardless of Device

Have you ever opened a Word document in Google Apps only to see disheveled formatting or a missing table of contents, headers, footers, watermarks, page numbers and tables?12

It’s pretty common.

Office 365 preserves formatting whether documents are edited using a desktop version of Microsoft Office or a mobile device in the cloud. This gives you the confidence of knowing that the documents you’re sending to customers, clients, or prospects look just the way you intended.

  1. Flexible Solution

Office 365 offers a hybrid environment allowing you to easily do business both in and outside of the cloud. If certain parts of your business operations aren’t necessarily “cloud-ready”, they can stay out of it. Users of Google Apps can’t experience this kind of hybrid deployment.

Additionally, Google also has very limited management and administrative capabilities in comparison to Office 365. With Office 365, you will know exactly who has access to your data and control their conditions and privileges.

  1. Financially Backed Service-Level Agreement

The most successful SMBs are confident that their business critical operations are optimally running at all times. Not only does Microsoft provide a Service Health Dashboard that lets you see the current status of their online service, but they are also one of the few cloud-service providers to offer a financially backed service level agreement (SLA) any time their service availability drops below 99.9 percent.

Meanwhile, Google offers a less transparent approach to system availability. They only begin to count downtime when at least 5 percent of their users are affected. This doesn’t work very well for any business relying on meaningful performance metrics to assess productivity.

  1. No Surprises

SMBs get exactly what they pay for with Microsoft – ready-to-go features that are fully supported with predictable pricing and no hidden fees or gotchas. Office 365 is also flexible enough that it allows SMBs to change or remove services based on their needs. Office 365’s technology roadmap means no surprise updates. Advance notice accompanies any significant update.

SUMMARY

Office 365 offers a tried-and-true business standard in a new technology environment. Although it may seem to be priced slightly higher than Google Apps, the enhanced security, superior MS Office software, and better flexibility actually make it a more cost-efficient solution for SMBs. Since Office 365 allows for a hybrid deployment of both cloud and on premise servicers, Office 365 also allows SMBs to gradually move to the cloud with less anxiety.

For even more support transitioning to an Office 365 environment, an expert managed services provider that has successfully deployed SharePoint, Exchange and Link both on-premises and in the cloud can help minimize the administrative burden of Office 365; helping you achieve a greater ROI on your Microsoft investment.

Cognoscape can also provide Microsoft services. CLICK HERE for a free network assessment.

Common Causes of Downtime

ChartZero In On Infrastructure Vulnerability to Data Center Downtime

Leading Causes of Downtime

  • Power Outages – 48%
  • Accidental Data Deletion – 31%
  • Employee Created – 29%
  • Virus/Malware – 25%
  • Application Failure – 20%

Power Related Outages – Vulnerabilities to a data center’s power still rank as one of the leading causes of unplanned network outages and can often be catastrophic. Particularly costly are UPS (Uninterrupted Power Supply) related failures (this includes batteries) and generator failures.

ZERO IN

To minimize the impact that power outages have on data center operations, and to prevent a potentially catastrophic unavailability of the data center, a dependable backup system is needed. This ensures the backup of critical data and applications is always in place in the event of equipment failure.

The integration of comprehensive infrastructure monitoring and management tools also minimizes the costs associated with identifying and repairing power system failures. Accidental Data Deletion and

Employee Created Downtime

Simple human error is a prevalent cause of downtime. Whether months of data is unintentionally lost in a backup error, a power cord is unplugged, a busy IT technician overlooks routine maintenance and alert monitoring, or there is an error in judgment during an emergency, to err is human and apparently quite frequent as well.

A study by the Gartner Group, an IT research and advisory firm, projected that through 2015, 80% of downtime will be due to people and process issues.

In the fall of 2010, foursquare – a widely used mobile check-in app – had a highly publicized outage of eleven hours, followed by another shorter service disruption the next day. All three million users of the app were affected and it was a chain of human mistakes that led to both outages. IT techs noticed that a server was storing too much data, but as the support team tried to resolve the issue, all the servers went down.

9ZERO IN

Regardless of proper training, or the quality of IT technician hires, human mistakes will likely always lead to instances of a downed data center or network, especially considering the expected learning curve of adapting to new technologies. Ensuring proper communication amongst team members and adequate training at all levels is critical. Of course, it goes without saying that having a comprehensive backup strategy is also a necessity to counteract downtime and ensure business continuity regardless of who is having a bad day.

 

Virus/Malware/Hacks – SMBs are often guilty of thinking they are immune to hackers, viruses and malware. According to a National Cyber Alliance and Symantec survey, 77% of SMBs don’t believe they’re at risk for cybercrime while 83% admit to having no formal measures in place to counter these threats. This isn’t merely a threat to your data; it puts your bank account and the sensitive data of your customers at risk.

ZERO IN

Passwords should be regularly changed every few months. They should also be strong. This means no more passwords like “password” or “1234567.” Employees must be educated on security and precautionary measures. And there is no excuse for not having data backed up in this era of cloud computing and virtualization – where the entire contents of physical server – including the operating system, applications, patches and all data – can easily and cost-effectively be grouped into one software bundle or virtual server.

 

Application Failure – Many applications or their components contribute to recurring downtime. While virtualization offers many multi-faceted advantages it has also further exacerbated overlapping applications in the infrastructure. One small application component failure is now likely to impact many applications.

ZERO IN

It is critical that all components are profiled and there is a general understanding as to what each application does – the hardware resources used by the application and the software it integrates with. Identifying an owner will allow for better monitoring and recognition of failure points.

10

SMBs can benefit from a little help when it comes to properly implementing and leveraging this new technology to strengthen their disaster recovery efforts. Access to a 24/7 NOC (Network Operations Center) team offering remote monitoring and management solutions, along with a 24/7 help desk, can help SMBs improve backup, monitoring and troubleshooting processes for maximum uptime and business continuity.

CLICK HERE for a free network assessment.

 

Can Your Business Afford Downtime?

Calculate the True Cost of Downtime

According to the Aberdeen Group, a business intelligence research firm, downtime is costing companies 65% more per hour these days than just two years ago. 2012 data calculated downtime costs at the $165,000 mark compared to the $100,000 of 2010.

According to Symantec’s 2011 SMB Disaster Preparedness Survey, small businesses lose an average of $3,000 each day from owned systems and networks. Medium sized businesses bleed even more money, losing an average of $23,000 each day.8

C-Suite management at SMBs must consider both the direct and indirect costs of downtime. Direct costs are:

  • Wasted wages paid to idle employees
  • Sales lost during the outages
  • The expensive emergency service/repair bill issued by the on-call IT technician brought in to get your business back up and running.

Indirect costs, such as lost customers who have moved on after one too many “Our server is down” messages, are more difficult to quantify but more costly – equating to roughly 62% of all network downtime costs. A specific dollar amount cannot be placed on lost productivity, the long-term consequences of damaged reputation and wasted opportunities that accompany each downtime event.

This is why Chief Information Officers (CIOs) and IT support alike don’t have the visibility or insight to understand what the average downtime event truly costs them. The residual effects of a network outage are typically much more costly than costs related to identifying the root cause of the failure and repairing or replacing any physical hardware.

But so many C-level executives remain mindful of only what downtime costs them in terms of repair or replacement costs. They also tend to gloss over the fact that their day-to-day business processes are more susceptible to outages and inaccessible data than they think.

CLICK HERE for a free network assessment.

Breach at eBay – Change Your Password Now

The following article is from krebsonsecurity.com

“eBay is asking users to pick new passwords following a data breach earlier this year that exposed the personal information of an untold number of the auction giant’s 145 million customers.

In a blog post published this morning, eBay said it had “no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.”

Assisted by federal investigators, eBay determined that the intrusion happened in late February and early march, after a “small number of employee log-in credentials” that allowed attackers access to eBay’s corporate network were compromised. The company said the information compromised included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. eBay also said it has no evidence of unauthorized access or compromises to personal or financial information for PayPal users.

The company said it will begin pushing out emails today asking customers to change their passwords. eBay has not said what type of encryption it used to protect customer passwords, but it previous breaches are any indication, the attackers are probably hard at work trying to crack them.

If you’re an eBay user, don’t wait for the email; change your password now, and make it a good one. Most importantly, don’t re-use your eBay or PayPal password elsewhere. If you did that prior to today, it’s a good idea to change that password to something unique at the other sites that shared it. And be extra wary of phishing emails that spoof eBay and PayPal and ask you to click on some link or download some security tool; attackers are likely to capitalize on this incident to spread malware and to hijack accounts.

eBay and PayPal users who haven’t already done so should consider using the PayPal Security Key, a two-factor authentication solution that can be used to add for additional security on both sites.”

With as many breaches occurring in only the first half of 2014, the necessity for internet and information security is at an all time high. SMBs and healthcare providers dealing with sensitive information need to protect this info from security breaches and potential data loss as a result. CLICK HERE to sign up for a security audit.

Five Things to Know About Office 365

1If you’re trying to decide if Office 365 fits the specific needs of your business or organization, here are five things to know about Microsoft’s cloud-based version of Office.

What’s the Difference? Chances are you’re already familiar with the desktop version of Microsoft Office. Components like MS Word and MS Excel have been staples on our home and office PCs for years. Office 365 and Office Web Apps are the most recent add-ons to the family.  Office Web Apps is a free, albeit limited, version of Office that integrates with Microsoft’s cloud storage service Skydrive. Importantly, it allows users on a device without Office installed to view and do basic edits of Office files via the web. While Web Apps is great for viewing and making basic text or formatting edits, Office 365 offers full desktop Office functionality in the cloud through a subscription-based plan. Office 365 has become increasingly popular among small-to-medium sized businesses since it’s a near hybrid of the desktop and web-based versions of Office and it supports multiple devices.

What are the System Requirements? Office 365 requires Internet access, Windows 7 or 8, OS X 10.6 (or later) on a Mac, and compatible browsers such as IE9, Chrome 18, Firefox 12 and Safari 5. Optimal performance will require systems to have 3 GB of free hard drive space for Windows and 2.5 GB for Macs, either 1 GB of RAM (32-bit) or 2 GB RAM (64-bit), and a 1 GHz processor for Windows or Intel processor for Macs.

How Much Does It Cost? There are multiple Office 365 subscriptions to choose from:

  • Home Premium Plan: For your personal and family use, you can have Office 365 for $9.00 monthly or $99.99 for the year for up to five devices.
  • Small Business Plan: For businesses with up to 25 users, Office 365 is available at a monthly “pay as you go” rate of $6.00 per user or $60 if they pay annually. A Premium package priced annually at $150 per user includes the desktop version of each Office app.
  • Enterprise Plans: Enterprise Office 365 plans for midsize businesses with up to 300 users and large enterprises accommodating over 300 users are available for anywhere from $8 to $24 monthly per user.

Is It Compatible with Older Versions of Desktop Office? For businesses already using older versions of desktop Office, Office 365 is compatible with both Office 2010 and 2013 but some functionality is lost with Office 2007. A compatibility pack for Office 2003 users will no longer be available after January 2014. Is It Secure? Security is a concern of any small business moving to the cloud. Office 365 has the very same Trust Center and user-level security options as desktop Office. Each Office application supports encryption and allows permissions to be set. With files stored offsite in secure specialized data centers, it can be argued that small businesses are actually more secure using Office 365 than they are on their own. If you feel Office 365 may be the right fit for your business or organization, contact us today and we’ll ensure your technology infrastructure is ready for Office 365 installation and deployment.

CLICK HERE for a free technology assessment.

 

Five Ways SMBs Can Minimize Data Loss

  1. Enforce Data Security – This is more or less the managing of the “human factor.” CIOs and those in SMB management roles must communicate data protection policies to staff and ensure their implementation. Rules must be set, particularly with personal devices, to enforce security policies. It can be as simple as sending reminders to not open email attachments from unknown sources, requiring passwords be reset every few months or the banning of specific file sharing or social networking sites. In May of 2012, security concerns led to over 400,000 IBM employees being banned from using the cloud storage service Dropbox and Siri – the iPhone personal assistant. While far from an SMB, if IBM can go that far and make such a demand to so many employees, an insurance agent can certainly remind his or her marketing representative to not play Farmville on Facebook if they’re using a laptop containing company and customer/client data.
  2. Stress the consequences – both personal and business – of not properly protecting confidential data. Encourage employees to make passwords difficult to crack. Patch holes in the infrastructure’s walls by identifying the most critical data. Perhaps a trusted IT advisor can help implement processes to better protect that data’s security perimeters.
  3. Mobile Device Management – Mobile Device Management grants SMBs a semblance of control over the mobile devices used within the company. Devices tapping into company system are identified and remotely monitored and managed 24/7. More importantly, they are proactively secured via specified password policies, encryption settings, and automated compliance actions. Lost or stolen devices can be located and either locked or stripped of all SMB-related data.
  4. Snapshots – Fully backing up large amounts of data can be a lengthy process. The data being backed up is also vulnerable to file corruption from read errors. This means sizeable chunks of data may not be stored in the backup and be unavailable in the event of a full restore. This can be avoided by backing up critical data as snapshots, which are read-only copies of data frozen to a specific point in time and stored using minimal disk space. These virtual snapshots are immediately available for restores in the event of data loss.
  5. Cloud Replication and Disaster Recovery Services – The cloud provides SMBs who consider data backup to be too costly, time consuming and complex with a cost-effective, automated off-site data replication process that provides continuous availability to business-critical data and applications. Cloud replication can often get systems back online in under an hour following a data loss.

6

CLICK HERE for a free network assessment.

Data Security Threats Every SMB Must Be Aware of

Human Error and Employee Negligence

1Human error, by way of unintentional data deletion, modification, and overwrites, has become much more prevalent in recent years. Much of this is the result of carelessly managed virtualization technology. Virtualization and cloud computing have enabled improved business continuity by allowing entire servers – including all data, operating systems, applications, and patches to be grouped into one software bundle or virtual server and subsequently backed up. The catch is humans must still instruct this technology how to perform, which is why so much of today’s data loss is linked to human error. The complexity of these systems often presents a learning curve that involves quite a bit of trial by error. For example, a support engineer can accidentally overwrite his backup when he forgets to power off his replication software prior to formatting volumes on the primary site.

While most CIOs at SMBs are generally accepting and understanding that mistakes happen, they must be more stringent when it comes to managing risky negligent employee behaviors in this era of mobility and accessibility. Employee negligence puts a company or organization’s critical business data at risk of being stolen by cybercriminals or malicious employees. Examples of this negligent behavior include:

  • Leaving computer systems unattended
  • Weak passwords (“password” or “12345”) or passwords that aren’t frequently changed
  • Opening email attachments or clicking hyperlinks embedded with spam
  • Visiting restricted websites

5Employee Mobility & Data Exposure

In the modern-day BYOD workplace, more people are doing daily business on their personal laptops, iPads and Blackberrys. They are also carrying around portable media like thumb drives, USB sticks and CDs.

These devices are not always backed up or secured by IT administrators. There is not only the potential for these devices to be lost or stolen but there is also a very high probability that employees using them are also accessing personal email, downloading music, browsing the web, playing games and hanging out on Facebook. This makes sensitive data susceptible to malware, viruses and hackers. All of this substantially ups the likelihood of data loss incidents.

Prevent data loss. CLICK HERE for a free network assessment.

Decreasing Business Costs and Risks of Costly Data Loss

4We live in a 24/7 global economy that is more dependent than ever on technology. Even the technology of small and medium sized businesses (SMBs) houses sensitive digital data – employee and customer information, internal emails, documents and financial records, sales orders and transaction histories. Not to mention applications and programs critical to daily business function and services. Employees at SMBs require continuous access to the critical business data needed to meet the demands of the customers or clients they service. They even want this access while they’re at home or on the go running errands. To satisfy this demand, many companies and organizations now allow employees to BYOD (Bring-Your-Own-Device) and “do business” using their personal laptops, tablets and mobile phones. The web, Wi-Fi networks and mobile devices with robust memory and battery life have made this constant access to a SMBs back office infrastructure a reality. Regrettably this flexibility and freedom is accompanied by an ominous risk of data loss.

Just a single data loss or breach can be costly to SMBs. Data losses and leaks come with lingering continuous costs that many SMBs cannot easily shake or overcome. Revenue is lost if employee productivity and customer accessibility/service are stalled by data loss. The expenses associated with internal research and investigation, system repair and maintenance, and data security protection are another heavy price SMBs must pay. If cybercrime is involved, affected customers must be notified, the potential exists for litigation, and many customers will likely never return due to mistrust.

While corporate-level data losses are well publicized, many SMBs mistakenly believe their data isn’t at risk. This mistake can prove to be a costly one.

3Why C-Suite Management at SMBs Can No Longer Ignore Data Loss

  • Following a significant data loss, it is estimated that SMBs can lose up to 25% in daily revenue by the end of the first week.
  • According to the National Archives & Records Administration in Washington, 93% of companies that have experienced data loss, and prolonged downtime for ten or more days have filed for bankruptcy within twelve months of the incident. 50% wasted no time and filed for bankruptcy immediately. 43% of companies with no data recovery and business continuity plan actually go out of business following a major data loss. How quickly can your business be restored if critical data is lost? When was the last time backup processes were tested to ensure all data is recoverable and business operations are quickly restored?
  • A survey conducted by Symantec SMB revealed that fewer than half of SMBs surveyed backup their data each week. Only 23% of those surveyed said they backup data every day and have a business continuity plan in place.
  • The percentage of cybercriminal attacks targeting businesses with fewer than 250 employees doubled in 2012. The vulnerabilities of naïve small business owners have been noted, and hackers have now placed the proverbial bull’s-eye on these perceived weak links.

If sensitive customer data is leaked, SMBs may face overwhelming financial liabilities, which could include reimbursing affected customers and legal fees.

2

Businesses today are playing on a much bigger playing field than they were two decades ago. Any SMB that trusts the security and backup of critical business data with a limited and overburdened in-house IT team, or forsakes internal IT support altogether for emergency on-call help when things go bad (Break/Fix Mentality), is playing with fire and begging to be burned.

Any disruptive or invasive technological event – even the smallest of incidents – can have an amplified impact on day-to-day business and profitability. Being proactive with data recovery solutions, and having emergency response procedures in place prior to a disruption or data disaster, is the only way to get critical data restored immediately to the data center, minimize downtime, protect customer and client data and soften the impact of such events.

Don’t let this happen to you. CLICK HERE for a free network assessment.