Posts

Prevent Data Loss With IT You Can Trust

7 Small business has changed dramatically within the last decade. No change has been more profound than our dependency on information technology (IT) systems to support critical day-to-day business functions.

In today’s increasingly competitive high-tech environment, it is critical that all business operations run smoothly and efficiently. Business momentum, employee productivity and customer service all depend on an IT infrastructure that must be both accessible and secure at all times. Constant network availability has become essential to most small and midsize businesses (SMBs) today.

This reliance on IT systems has also created a stronger link between data center accessibility and total cost of ownership (TCO). Even minimal amounts of unplanned downtime today will result in lost revenue, productivity and negatively impact overall brand reputation.

Preventing or rebounding from downtime was once deemed the IT team’s problem, however, this unprecedented modern day dependence on technology has made the frequency and costs of downtime more of a business problem. Prolonged or recurring downtime can cripple small businesses and requires the attention and understanding of C-suite management in order to be properly addressed.

Unfortunately, many executives at SMBs are still not as tuned into daily network operations as they need to be. For this reason, they lack a true awareness of the frequency of downtime. This lack of insight and visibility is regrettably putting far too many SMB sat an increased risk for downtime and the costs associated with it.

Prevent detrimental downtime. CLICK HERE for a free network assessment.

4 Essential Pieces to Any Small Business BYOD Strategy

Believe it or not, once upon a time, kids at the bus stop didn’t have cell phones and the mobile device strategy of many businesses was typically you’ll take what you’re given, refrain from using it for any personal use, and the data may be scrubbed clean whenever we please.

We’ve come a long way.  Today, businesses really have no choice but to let employees use personal devices for work purposes.  Blurred lines now make it difficult to differentiate between what is professional and what is personal.  A company or organization may partially pay for an employee’s tablet computer or smartphone, but that same device is used to upload photos to Facebook or download torrents of this season of Game of Thrones.

Naturally, security and privacy issues are a concern since these devices synch to the company network.  Larger corporations may be able to hire IT support or produce sophisticated BYOD guidelines for employees to adhere to but smaller businesses have limited resources.

In fact, recent surveys suggest that the small business sector is doing very little to preemptively prepare for potential network security risks that could arise with the use of BYOD devices.  This could prove to be disastrous.

According to market stats from a survey conducted by Cisco in 2012, approximately 88% of employees are doing business on personal devices.     However, only 17% of companies currently have a BYOD security policy in place, and only 29% of companies have plans to implement a mobile device security plan in the near future. 22

Implementing a comprehensive BYOD policy right now, rather than when it’s too late, is important.  We’ve compiled a list of four items that any business currently building a BYOD strategy must consider.

  1. It must clearly be outlined what specific devices are permitted for work use.
  2. The company/organization must have the ability to remotely delete company-sensitive data from mobile devices without the device owner’s permission.  Remote deletion capabilities are much more refined these days; simplifying the removal of enterprise-related data from devices, while leaving other content like personal photos, contacts, apps and music downloads intact.
  3. Written policies should be put into effect that correspond with terms of use policies and any guidelines pertaining to remote/telecommute workers or the sharing of sensitive data.   There should be clearly defined consequences for violating any or all policies.
  4. Employee privacy should be discussed within the BYOD policy since employees often use these devices to check personal email, browse or post to Facebook and Twitter feeds, instant message, and store personal documents, photos, music and movie downloads.   Employees must understand that employers still have access to the content stored on these devices.  Location tracking, which gives employers the ability to locate employees, is also something to discuss since many people don’t necessarily welcome that kind of surveillance.

It is understandable that BYOD and more mobile employees have some small business owners feeling anxious and nervous.  But mobile management tools, periodic conversation, security checks, and research will do wonders when it comes to keeping small businesses safe.

Maintain security and safe BYOD practices. CLICK HERE for a free network and technology assessment.

Achieving Hipaa Compliance & Data Security In The Cloud

Prioritizing Security & Privacy in Healthcare Sector

Physician offices, hospitals and health insurers take practical steps each day to protect private patient health information (PHI) and comply with HIPAA regulations. Anyone interacting with patients and regularly accessing or discussing confidential medical records is obligated to adhere to certain requirements to uphold privacy and security.

For example, employees must be mindful of what is said aloud pertaining to an individual patient. Doors must be closed when patient conditions, treatments and procedures are discussed in person or over the phone. Staff should never leave voice mails with specifics about patient health conditions or test results. Even simple acts like summoning patients from the waiting room must be carried out with patient discretion in mind.

Failure to do this can result in a reported HIPAA breach that can be accompanied by potentially heavy monetary fines and often-irreparable reputation damage. The industry’s need to prioritize the integrity of patient data is even more pronounced in this time of flux within the healthcare sector.

Transitioning to the Electronic Age

Healthcare service providers today are in the process of converting all paper medical records to electronic health records (EHRs) or electronic medical records (EMRs) to meet the meaningful use requirements outlined in the American Recovery and Reinvestment Act of 2009 (ARRA). The ARRA incentivizes the healthcare sector to accelerate the adoption of enterprise-wide electronic medical data by 2015 or face possible penalties.

We are entering a period in our history where volumes of confidential patient health information (PHI) will be stored, shared, and accessed electronically for the very first time ever. There has never been a more critical time for healthcare service providers to ensure that patient rights are protected, confidential information is safeguarded, and this transition from the immovable locked file cabinets to today’s electronic-system is completely HIPAA compliant and secure.

How HIPAA Breaches Most Commonly Happen

The U.S. Department of Health’s Office of Civil Rights found that there have been 21 million HIPAA security breaches since 2009. These breaches have resulted in an average of 2,769 records being lost or stolen per breach. Among them:

  • 48% were stolen medical files
  • 48% were stolen billing and insurance records
  • 20% were stolen prescription details
  • 13% were stolen monthly statements
  • 24% were stolen patient billing/payment details
  • 19% were stolen payment details

During this period, 66 percent of the reported large-scale HIPPA violations were due to the physical loss or theft of electronic equipment or storage media such as a laptop or flash drive that held unencrypted PHI. Another 8 percent of the large-scale HIPAA breach incidents were the result of hacking and cybercrime.

Physical Theft

Based on the above findings alone, one can come to the obvious conclusion that storing such unencrypted data on a physical hard drive or any portable storage media device elevates the risk of an HIPAA breach. Therefore, eliminating the need to store or transfer this data on equipment such as laptops or flash drives should significantly minimize the risk of many of the HIPAA violations reported today.

Cybercrime

Cybercrime is a growing threat within the healthcare sector since the industry has been slow to adopt new technology. According to the Identity Theft Resource Center, there were 17 reported financial industry data breaches in 2012 compared to a reported 154 healthcare industry breaches during the same time frame. The aging technology commonly used by healthcare service providers is rife with software and security flaws making it susceptible to data breaches resulting from hacking and other cyber-attacks.

Data thieves view private medical records as a high valued commodity – a gateway to identity theft. Safeguarding this data is challenging. With the shift to electronic records, data thieves have upped their game, finding new ways to gain unauthorized access to patient data by exposing vulnerabilities.

Defending against cybercrime requires constant monitoring for intrusion attempts and security upgrades. In this era where the volume of stored data is increasing, new cyber threats seemingly surface every day, and there is continuous demand to comply with regulations; healthcare service providers securing their own infrastructure will inevitably become overburdened and more vulnerable to attacks and HIPAA breaches.

 

The Case for Moving Data to the Cloud

Although many healthcare service providers have shown a reluctance to abandon their in-house IT infrastructure and security measures, on premise data center attacks are proving to be more prevalent, costly, and difficult to rebound from.

Healthcare providers who have resisted the cloud due to privacy and security concerns could be making a grave mistake. Increasing evidence suggests that the cloud can actually enhance data security. It does this while also freeing up manpower and budget dollars that can be better allocated toward the principle objective of improving patient care.

Proactive Remote Monitoring

Leading cloud-service providers offer an around-the-clock remote monitoring service that maximizes uptime while monitoring each node in the cloud infrastructure, each access point, and the data center platform as a whole. This is an extremely important function that detects and addresses potential issues before they become serious breach incidents. Metrics are collected and alerts are triggered whenever faulty conditions such as a data backup failure or an authorized attempt to access data are detected.

CLICK HERE for a free network assessment and see how your sensitive information can remain secure in the cloud.

Cloud and HIPAA – Questions You Should Ask

What to Ask Your Cloud-Service Provider

Cloud is establishing a foothold in the industry as the data management system of choice for many healthcare service providers. This means cloud security continues to evolve for the better. However, you must still choose a cloud-service provider wisely and ensure that patient data is secure at all levels of workflow.

We’ve compiled a list of several things you should ask your cloud-service provider regarding EHRs and PHI data.

  1. Who has access to this data and the systems supporting it?

Any cloud service provider should be able to tell you who has access to the physical storage facility, the hardware, operating systems and data.

  1. Is there an audit trail and can unauthorized access to patient data be easily verified?

Is there an auditing mechanism in place tracking all PHI-related system activities, warnings and failures? Any unusual system activity such as suspected unauthorized access should be easily detectable.

  1. Is the data password-protected and accessible to only those authorized?

Are users prompted to enter a unique username and password with each log on? Do active logged-in sessions time out after periods of inactivity?

  1. Is the data encrypted? Is it only viewable to those with proper authentication or accessing it through an application?

Is SSL-based encryption performed at the application level when healthcare sites and the data center communicate? This ensures end-to-end protection from the service access point to the data center and prevents any unauthorized network provider employee from accessing the data. Data also can’t be read while in transit to an end user’s viewing software over the Internet.

  1. What kinds of backup processes are in place to ensure business continuity?

How often is data backed up and what is the method of backup to reduce data loss? Are copies made on removable media and stored off-site if a disaster impacts the data center? Are the two copies continuously synchronized? What authentication processes are in place to ensure data integrity?

  1. How are the threats of viruses and Trojans handled?

Is there anti-virus software running every time files and disks are scanned or accessed? Is the anti-virus software frequently updated with the latest virus signature databases?

  1. What Kind of Physical Security Exists at the Data Center?

Is security at the data center manned 24-hours with appropriate identification required and recorded with each visit? Are security cameras, motion detectors or alarms present throughout the facility?

The necessary investment to buy and maintain physical equipment, hardware and software, and supply personnel with the continuous training they need to deliver top-level data security is unaffordable and overtaxes the resources of smaller healthcare entities. Converting to cloud-based services enable practices and companies of any size to achieve industry-leading HIPAA compliant data security while benefiting from a slew of cost-efficient benefits that liberate them from security problems – bringing them back to caring for patients, not patient technology.

If you’re interested in a cloud-service provider who follows the administrative simplifications referenced under HIPAA, and can satisfactorily assure the safeguarding of electronic patient health information, contact us today.

Call (214)377-4884 or CLICK HERE for a free network assessment.

The Basic Services of an MSP

18 Your peers are finding new technology innovations like virtualization and the cloud as a way to save money. Virtualization and cloud computing are a cost-effective means to move the contents of entire servers into one offsite virtual server or software bundle – this includes all applications, data, operating systems and patches. The need for fewer physical servers reduces hardware and energy costs, data size requirements and makes overall IT management and backup/recovery easier.

According to series of studies compiled by VMWare (a US-based cloud and virtualization software and services company), businesses that have implemented virtualization have reduced total cost of ownership in IT operations by up to 67%.

While there has been much attention called to the positives of these new innovations, SMBs owners and managers have little to no visibility to the new set of risks and the incremental costs that accompany this new technology.

This new technology, while highly productive, also has the potential to be disruptive given the increased risk for security breaches in the cloud and the learning curve of team members adapting to new technology and software applications. The life of a system administrator also becomes more complex given the demands of always-on employees/customers and the greater need to backup data and recover immediately in the event of an unplanned outage.

The reality is many of the headaches that come with new technology aren’t fully realized until months, if not years, into their implementation – and this may be too late.

 

Management today needs more visibility to the real risks at hand, along with new solutions and methodologies. Partnering with a managed services provider (MSP) is one new approach being used by many of your peers today. Experienced MSPs have access to newer tools that reduce costs by automating many routine in-house labor intensive processes. Break-fix is labor intensive, and labor is one of the most expensive operating costs within your IT infrastructure. These innovative tools generate real productivity increases and mitigate the risk of network failure, downtime or data loss from human error.

MSPs deliver a trusted foundation for your team and your customers – some of the services and tasks offered include:

  • Remote Desktop Management and Support
  • Predictable Management of Critical Patches and Software Updates
  • Fractional Resource Availability of Best-In-Class Expertise – scaled to your needs
  • Implementing and Testing Backup and Disaster Recovery Processes
  • Performance of Inventory and Audits of Computer/Network/Software
  • Enforcement of Network/Security Policy
  • Mobile Data Management and Monitoring
  • Monitoring of Network/Operating System and Alerts
  • Updating Anti-Virus Software and Detecting Spyware

Alert Monitoring – MSP automation of this task has led to an 80% reduction of in-house monitoring that delivers visibility to risks that were previously unidentifiable.

Service Tasks/Help Desk Requests or Ticketing – MSP automation of these tasks have led to a 30% reduction of in-house support ticket- related efforts – saving countless hours of paying for employees and team members to stand idle

Reporting – MSP service-level management tools and dynamic dashboards have led to complete automation of reporting and business communication efforts. Network trust increased and fear of unknown risks reduced so management can sleep at night?

 

Erase any misconception that MSPs are nothing more than “outsourced” tech help priced to displace your in-house IT technician or team. The new MSP has defined effective processes; methodologies and technology partnerships to offer valuable preventive services that proactively identify and eliminate threats before a bigger problem arises.

Whether an MSP assumes full responsibility for IT operations or acts as an ally to an in-house IT technician or team, the toolsets and education they provide to SMBs are invaluable. An MSP’s expertise and availability is what sets them apart from the “fireman-like” break-fix provider.

In an increasingly competitive environment where technology evolves at a rapid pace, businesses must fully leverage innovation to better meet the needs of their employees and the expectations of their customers. Much of this hinges on an organization’s ability to increase system reliability for their business continuity, team productivity and customer satisfaction.

CLICK HERE for a free network assessment, and choose Cognoscape as your trusted MSP.

Technology and SMBs

16 Contrary to what you may read, IT costs don’t necessarily have to skyrocket as your business grows. Small and medium sized businesses (SMBs) just have to be more cognizant of where their technology investments are going and what they’re truly getting as return on their investment. As businesses rely more than ever on technology for day-to-day functions, managers realize that they simply cannot afford the lost productivity, lost revenue and the negative impact on business reputation that comes with a downed system or network. At the same time, many businesses can’t justify the costs of employing any full or part-time IT support given today’s economy. In fact, many small-to-medium sized businesses choose to pay for on-site support on an as-needed basis as opposed to having one or several dedicated IT employees on payroll.

With the recent buzz about the potential benefits and cost savings of virtualization software and cloud computing, many SMB executive teams are rethinking how their technology investments are currently allocated. Two things you’ll find many technology dependent peers focusing on today are a greater return on investment (ROI) and a lower total cost of ownership (TCO).

ROI is calculated by dividing the cost reduction and avoidance realized over a period of time by the total amount invested over that same time span.

Total Cost of Ownership (TCO) is most commonly related with four categories in the business/tech world. 17

  • Downtime – Smart executives ask themselves “What does it cost my business when my employees, extended teams and/or our customers can’t get to the data they need.” Downtime includes ALL costs linked to server downtime – both planned and unplanned – along with mostly hidden soft costs that aren’t necessarily easy to quantify such as lost employee productivity and business as a result of downtime.
  • Hardware and Software – The price of the server, hardware and software purchases, contracted tech support and maintenance, training services, upgrades, and backup and virus protection software.
  • IT Operations – Network and storage infrastructure, server deployment and configuration, data center power and cooling, and other system-related administrative tasks.
  • Business Administration – All costs related to business processes like labor costs, purchase approvals, vendor contract negotiation and procurement process tracking.

As referenced earlier, small-to-medium size companies can be severely understaffed when it comes to IT support. With so many technology changes emerging in recent years, this puts your businesses at an increased risk for network failure, data loss and security threats – all of which can be enough to put an ill-prepared company out of business.

CLICK HERE for a free network assessment.

Five Tips to Safe BYOD for SMBs

  1. Create a Mobile Device Policy and Enforce It

Don’t be afraid to spell out what employees are expected to do – and not do – with their mobile devices. It’s important to remember you aren’t only managing devices but people as well. This is where you define acceptable and unacceptable behaviors and make it clear that there will be no exceptions.

Clearly define what types of devices are allowed. While you want to support a mix of the devices employees are most likely to carry, a line has to be drawn somewhere to prevent things from becoming unmanageable. No company, especially a small one, needs to open up things to 30 mobile devices. Minimum standards for device age and capabilities should be set. Newer technology will obviously have better security features. For instance, anything before the iPhone 3G will not permit device-level encryption.

Every policy should address acceptable personal device use when it comes to webbrowsing, app downloads/usage, public Wi-Fi protocol, and data transmission/storage guidelines.

  1. Keep Devices Lock & Password Protected

Your employees are using devices they take with them everywhere. You have no idea where they are at any given moment of the day. More importantly, you can only hope that their mobile device is either with them or stored away safely. Devices that aren’t password protected, which are left out in the open unattended, pose a huge risk.

Keep in mind that 46% of people who use their mobile device for work admit to letting others use it from time to time. Many devices have free built-in security controls such as locked screens, the ability to remotely wipe out the device after multiple successive failed authentication attempts, and even GPS trackability.

Passwords should be strong and frequently updated. Employees should also be advised to not keep written passwords lying around.

  1. Immediately Disconnect Terminated Employees or Voluntary Leaves

Be sure to remotely wipe company data from the personal device of any employee who is terminated or voluntarily leavesthe company. Ideally, this data should be retrieved. This is one reason a SMBs mobile device policy must address where employees are to edit and save files. Many SMBs these days require all files to be shared, edited, and saved on Cloudbased software like Dropbox.

  1. Use Available Encryption Technologies

Business critical files, folders, and hard drives should be encrypted for reliable protection against unauthorized access. Encryption prevents sensitive data from being read by potential hackers as content is transferred to and from mobile devices. 21

  1. Use a Mobile Device Management (MDM) Solution

MDM solutions are a cost-effective means to ensure that any mobile device accessing their network is identified, controlled, and monitored. This method of centralized management makes it easy to configure devices for enterprise access, stipulates password policy and encryption settings, locates and remotely clears and locks any lost or stolen device, automates security updates, and proactively identifies and resolves device or app issues.

CLICK HERE for a free network assessment.

 

 

Embracing the Age of Mobility & the BYOD Workplace

15 In today’s always-connected world, the time-honored separation of work and personal time is quickly disappearing. Mobile devices such as laptops, netbooks, tablets, and smartphones have fundamentally changed how all of us live and work.

With work no longer confined to a physical office space, or limited to traditional business hours, we’ve created an increasingly mobile and dispersed workforce capable of working anywhere at any time. 3 out of 5 workers today no longer believe an office presence is necessary for a productive day’s work. By 2015, the IDC estimates the U.S. will have over 200 million people working remotely.

By now, it’s obvious that BYOD (Bring- Your-Own-Device) isn’t just another buzz-worthy acronym or a workplace trend that will eventually fade; it’s part of the complete restructuring of the conventional way we’ve worked up to this point. There is simply no going back to the way we were. With or without company approval, employees prefer working from devices they own and are most comfortable with, meaning it’s out with yesterday’s loud, clunky and slow in-office desktop PCs and in with today’s feature-rich, on-the-go, employee-owned mobile devices.

Although many small-to-midsize businesses (SMBs) have fully embraced BYOD for its countless benefits, this proliferation of employee-owned devices accessing company databases, files, and email servers is unprecedented. It is also risky because it increases vulnerability to security breaches and data loss.

Which raises the question: are workplaces today responsibly ushering in BYOD with safety, security, and long-term adaptability in mind?

THE MAINSTREAMING OF BYOD

It’s hard to believe that just a decade ago work mobility was practically nonexistent. We worked from cubicle farms with workstations and desktop PCs straight out of the movie Office Space. The office was our only access to the company network. Select employees might be provided with company-issued laptops with pre-loaded software useful for work. Perhaps they’d be trusted with FTP (File Transfer Protocol) privileges to access and transfer files to the server. Cell phones were actually just phones.

Even when BlackBerrys were introduced to the business world, allowing people to use a mobile handheld device to access their work email and manage their schedule for the very first time, the BlackBerry Enterprise Server made it easy for IT departments to configure and manage the device. BlackBerrys eventually gave way to iPhones and Androids. Laptops eventually gave way to iPads and tablets that combined laptop usability with smartphone portability. Meanwhile, the number of public Wi- Fi hotspots grew, making employees eager to access their company network and work files from just about anywhere through their mobile device.

Today, BYOD has become the “new normal”. A recent poll of 1,021 small business owners in the United States found that 68% allowed employees to use personal devices for work. 79% of CIOs at businesses who aren’t encouraging BYOD believe employees access their network with unauthorized personal devices every day.

Initial resistance to the BYOD movement has proven to be futile. Gartner, a technology research firm, predicts that 90% of businesses and organizations will support the use of personal devices for work purposes by the end of 2014.

And it certainly seems that more business owners today are seeing the upside of BYOD, which include…

Increased Production

On average, it has been approximated that businesses gain 9 additional hours of productivity per week when employees use personal devices.

Improved Service

The benefits of this increased production and greater flexibility naturally extend to clients and customers since mobility allows workers to resolve escalated issues or almost instantly reply to inquiries outside of normal work hours. It is common these days to receive an email response after 5pm with a “Sent from my iPhone” tagline at the bottom.

Reduced Costs

Transferring IT hardware and equipment expenses to employees can save SMBs significant money. A study conducted by Cisco’s Internet Business Solutions projected that U.S. companies utilizing BYOD can save up to $3,150 per employee each year. Additionally, since consumers are drawn to the freshest technology, and the latest upgrade to their device of choice, businesses no longer have to budget to continually upgrade to keep up with technological advances.

In 2013, telecommunications and information technology service provider Cbeyond, Inc. conducted a blind survey of 711 C-level executives of firms with fewer than 250 employees. Their findings revealed that not only is BYOD more widely accepted today, but mobile devices have also become critical to day-to-day operations and essential to meeting business objectives. Many acknowledged that it would be a challenge to do business today otherwise. A fair share of executives felt their business couldn’t survive without mobile device usage. 20

One troubling aspect of the aforementioned report is 32% of the surveyed SMBs aren’t sure if their data is adequately protected. While they acknowledge that BYOD puts their organization at risk, just 22% of SMBs currently have a comprehensive BYOD policy in place to address mobile device usage and define data privileges extended to personal devices.

Here are a few reasons this sets a dangerous precedent.

  • Nearly a third of employees use more than one mobile device during a typical workday. It’s critical that organizations, especially small businesses, know whatdevices are accessing their network and whom they belong to.
  • With the existence of public Wi-Fi hotspots at coffee shops, restaurants, hotels, convention centers, trains, and airports, inadequately secured mobile devices are constantly exposed to hackers monitoring traffic on open networks. According to data compiled by the Ponemon Institute, 59% of organizations have experienced a rise in malware infections linked to insecure mobile devices.
  • BYOD makes SMBs increasingly susceptible to costly data breaches with 38% of these breaches occurring as the result of lost or stolen mobile devices. Verizon Business has estimated that 174 million records have been stolen in 855 data breaches linked to smartphones and tablets.
  • There are more than 500,000 apps in the Apple App Store. The Android Marketplace has over 200,000 apps. The security controls in place to evaluate the safety of these applications are suspect and some apps having phishing screens, hidden spyware, and malware. This means the apps or clients being used to access enterprise content could put your data at risk.

The adoption of BYOD can be beneficial to small businesses but it shouldn’tcompromise company or customer data. Developing a comprehensive BYOD policy minimizes risk while still granting full (and secure) access to the files and applications your employees need, regardless of where they are.

CLICK HERE for a free network assessment.

Common Causes of Downtime

Chart Zero In On Infrastructure Vulnerability to Data Center Downtime

Leading Causes of Downtime

  • Power Outages – 48%
  • Accidental Data Deletion – 31%
  • Employee Created – 29%
  • Virus/Malware – 25%
  • Application Failure – 20%

Power Related Outages – Vulnerabilities to a data center’s power still rank as one of the leading causes of unplanned network outages and can often be catastrophic. Particularly costly are UPS (Uninterrupted Power Supply) related failures (this includes batteries) and generator failures.

ZERO IN

To minimize the impact that power outages have on data center operations, and to prevent a potentially catastrophic unavailability of the data center, a dependable backup system is needed. This ensures the backup of critical data and applications is always in place in the event of equipment failure.

The integration of comprehensive infrastructure monitoring and management tools also minimizes the costs associated with identifying and repairing power system failures. Accidental Data Deletion and

Employee Created Downtime

Simple human error is a prevalent cause of downtime. Whether months of data is unintentionally lost in a backup error, a power cord is unplugged, a busy IT technician overlooks routine maintenance and alert monitoring, or there is an error in judgment during an emergency, to err is human and apparently quite frequent as well.

A study by the Gartner Group, an IT research and advisory firm, projected that through 2015, 80% of downtime will be due to people and process issues.

In the fall of 2010, foursquare – a widely used mobile check-in app – had a highly publicized outage of eleven hours, followed by another shorter service disruption the next day. All three million users of the app were affected and it was a chain of human mistakes that led to both outages. IT techs noticed that a server was storing too much data, but as the support team tried to resolve the issue, all the servers went down.

9 ZERO IN

Regardless of proper training, or the quality of IT technician hires, human mistakes will likely always lead to instances of a downed data center or network, especially considering the expected learning curve of adapting to new technologies. Ensuring proper communication amongst team members and adequate training at all levels is critical. Of course, it goes without saying that having a comprehensive backup strategy is also a necessity to counteract downtime and ensure business continuity regardless of who is having a bad day.

 

Virus/Malware/Hacks – SMBs are often guilty of thinking they are immune to hackers, viruses and malware. According to a National Cyber Alliance and Symantec survey, 77% of SMBs don’t believe they’re at risk for cybercrime while 83% admit to having no formal measures in place to counter these threats. This isn’t merely a threat to your data; it puts your bank account and the sensitive data of your customers at risk.

ZERO IN

Passwords should be regularly changed every few months. They should also be strong. This means no more passwords like “password” or “1234567.” Employees must be educated on security and precautionary measures. And there is no excuse for not having data backed up in this era of cloud computing and virtualization – where the entire contents of physical server – including the operating system, applications, patches and all data – can easily and cost-effectively be grouped into one software bundle or virtual server.

 

Application Failure – Many applications or their components contribute to recurring downtime. While virtualization offers many multi-faceted advantages it has also further exacerbated overlapping applications in the infrastructure. One small application component failure is now likely to impact many applications.

ZERO IN

It is critical that all components are profiled and there is a general understanding as to what each application does – the hardware resources used by the application and the software it integrates with. Identifying an owner will allow for better monitoring and recognition of failure points.

10

SMBs can benefit from a little help when it comes to properly implementing and leveraging this new technology to strengthen their disaster recovery efforts. Access to a 24/7 NOC (Network Operations Center) team offering remote monitoring and management solutions, along with a 24/7 help desk, can help SMBs improve backup, monitoring and troubleshooting processes for maximum uptime and business continuity.

CLICK HERE for a free network assessment.

 

Can Your Business Afford Downtime?

Calculate the True Cost of Downtime

According to the Aberdeen Group, a business intelligence research firm, downtime is costing companies 65% more per hour these days than just two years ago. 2012 data calculated downtime costs at the $165,000 mark compared to the $100,000 of 2010.

According to Symantec’s 2011 SMB Disaster Preparedness Survey, small businesses lose an average of $3,000 each day from owned systems and networks. Medium sized businesses bleed even more money, losing an average of $23,000 each day. 8

C-Suite management at SMBs must consider both the direct and indirect costs of downtime. Direct costs are:

  • Wasted wages paid to idle employees
  • Sales lost during the outages
  • The expensive emergency service/repair bill issued by the on-call IT technician brought in to get your business back up and running.

Indirect costs, such as lost customers who have moved on after one too many “Our server is down” messages, are more difficult to quantify but more costly – equating to roughly 62% of all network downtime costs. A specific dollar amount cannot be placed on lost productivity, the long-term consequences of damaged reputation and wasted opportunities that accompany each downtime event.

This is why Chief Information Officers (CIOs) and IT support alike don’t have the visibility or insight to understand what the average downtime event truly costs them. The residual effects of a network outage are typically much more costly than costs related to identifying the root cause of the failure and repairing or replacing any physical hardware.

But so many C-level executives remain mindful of only what downtime costs them in terms of repair or replacement costs. They also tend to gloss over the fact that their day-to-day business processes are more susceptible to outages and inaccessible data than they think.

CLICK HERE for a free network assessment.