The cyber threats the business community faces continue to grow, increasing the importance of having a multi-layered approach to protecting your data.
Find out more during our webinar presented via partnership with Datto and Barracuda.
Cyber Threats in 2019: Ransomware Continues to Evolve –
Don’t Let Your Guard Down
Thursday, May 9 | 12:00 – 12:45 p.m. ET
In partnership with Datto and Barracuda.
SMBs usually place cybersecurity a few places down on their list of important issues, mainly because they think hackers target the big guys: those corporations that bring in billions of dollars every year.
This belief is a myth.
Those big businesses routinely spend millions on cybersecurity, making them much more difficult to breach. Hackers often turn to companies that do not focus on these security issues, which is why half of the 28 million small businesses in the United States have already been hacked. Medium-sized businesses are also in danger of the same fate.
No matter the size, your business needs to focus on these 2018 cybersecurity trends to keep your data safe from thieves.
CSO: 63% of confirmed data breaches involved leveraging weak, stolen or default passwords.
You and your employees have heard the following password warnings for years:
If you are like many people, you have often ignored this advice, making it incredibly simple for hacking software to determine your password, often in seconds. Your company needs to enforce these password rules to keep your data safe.
Related: Include These Key Steps and Elements to Create a Solid Cybersecurity Strategy
Since almost no one can memorize passwords for each of their accounts, you should install a password manager app for every employee. Your data will be safer, and your staff won’t have daily password breakdowns.
WeLiveSecurity: 70% of employees in some industries lack awareness to stop preventable cybersecurity attacks.
Every business needs to teach basic cybersecurity classes.
Many viruses and ransomware attacks come through email attachments that are carelessly opened by innocent employees. No one should ever open an attachment from an unknown source – in fact, your employees should check with the sender of an attachment before opening it to make certain it is a valid document.
Related: Bad Security Practices that Hackers Love
Some email providers automatically scan attachments for viruses. Make certain that your email provides this service. If it doesn’t, see if they have a procedure for downloading documents so that they can be safely scanned that way.
Stay up-to-date on current virus and phishing schemes and alert your employees to them. Simply being cautious can save the company thousands or even millions of dollars.
Gartner: Cloud-delivered security products are more agile and can implement new detection methods and services faster than on-site solutions.
You need to inventory all of your company’s endpoints and devices and know exactly where they are and who is using them. Someone can easily take home a company laptop or tablet and let their family members have access to it. Sensitive company data can easily be shared in that instance, which can lead to serious problems for the company.
Also, no one should do company business on an unsecured WiFi connection. First, check that your company’s firewall, virus protection, and internet connection are all up-to-date and secure. Then make certain that no one is using company computing devices on a open connection at a coffee shop or similar location. Hackers commonly use these security lapses to steal important data.
Related: 6 Cybersecurity Myths That Are Hurting Your Business
You should use cloud protection platforms to monitor the status of your organization’s security. It allows for anytime, anywhere access that can save you a lot of trouble in the event of a cyberattack.
SMBs are popular targets for hackers who can steal company and customer data, leaving everyone involved exposed to financial loss. These internet thieves consider smaller businesses easy marks because… they usually are.
You can protect your company from serious cybersecurity problems by partnering with an SMB security specialist that can handle your security for you. We’ve got experience in protecting organizations like yours.
We’ll make sure that no matter what comes your way, your data will stay your own.
Interested in learning more? Contact us today to get more information or to get started.
When you think about hackers and security breaches, you often associate these attacks with large corporations. Although major security attacks do impact large businesses, small-to-medium businesses tend to be the easiest targets for hackers.
Unfortunately, smaller companies often don’t have a dedicated IT team to enforce digital best practices, leaving them vulnerable to criminals.
Luckily, even if you do not have a deep understanding of IT practices, you can still protect your company through good due diligence — all while avoiding common pitfalls that hackers love.
You have likely heard about security best practices. However, it’s also important that you take a proactive approach in regards to bad practices. After all, only around 14% of small companies rate their ability to reduce cyber risks and attacks as highly effective.
Address the following bad practices as soon as possible in order to mitigate cyber-security risks.
Back in the early 90s, all-in-one antivirus scanners were effective, as they were able to detect the dozens of worms and viruses lurking out there. Unfortunately, times have changed. Thousands (if not millions) of malware programs are released monthly, many of which will go undetected.
To protect your business, you need a combination of tools in a unified platform that is easy to manage. This platform should take care of things like file sharing security, email security, routine system scans, and more.
Many people have a “go-to” password, often using it across multiple online accounts. This has led to some major data breaches in the past, as hackers are able to easily steal a copious amount of information by just knowing a single password.
Each account needs to have a strong, unique password. Make sure each password is at least six characters (but the more the better) and that it includes a combination of numbers, letters (both lowercase and uppercase), and symbols.
One of the biggest issues associated with cybersecurity is human error. Whether your staff ignore security updates or is unaware of phishing scams, poor training and a lack of awareness are incredibly dangerous for your business.
Many companies do not make cybersecurity training a priority until it’s too late. Be sure to meet with your staff on a regular basis to discuss the latest techniques and methods, as well as recent trends and dangers (especially in relation to malware email attachments).
Related: The 3-2-1 Backup Rule — Why It’s Important
You may have implemented security measures in the past, but that does not mean they’re up-to-date. This is where regular testing or “fire drills” come into play. If you created a security response plan within the last year, you should run a hypothetical drill.
Ideally, you should be revisiting your security plans quarterly — but many businesses are now opting to run drills monthly. This also applies to your disaster recovery plan (as hackers are not the only risk involved).
Since many companies are transitioning towards a “bring your own device” arrangement, business owners need to consider where critical data is being stored and accessed. This is because mobile devices are typically easy to crack.
If you currently have mobile device management (MDM) or enterprise mobility management (EMM) solutions in place, know that these do not protect you against hackers and malware. This is something that you can discuss with a managed service provider.
Beginning today, it is imperative that you take a proactive approach, focusing on your company’s future. After all, cybersecurity entrepreneur and IT security futurist, Neil Rerup, said it best, “True cybersecurity is preparing for what’s next, not what was last.”
Now is the time to create a solid cybersecurity strategy and if you require assistance, please feel free to contact our team our team today!
Every company is wrestling with cybersecurity. The number of breaches makes it impossible to ignore the issue. One of the biggest challenges that companies face when addressing cybersecurity is the number of myths and misconceptions that surround it.
These are some of the cybersecurity myths hurting your ability to protect your business.
An important prerequisite to fighting security breaches is the company’s mindset. It’s difficult (if not impossible) for any company to eliminate the opportunity for a hacker to breach their system. If you believe that being hacked is something better swept under the rug, you’re limiting your ability to prevent breaches and handle the situation if hackers attack your company.
Related: 3 Data Loss Horror Stories
All companies benefit from pooling their knowledge with others. Keeping cybersecurity concerns and experiences a secret will only make everyone more vulnerable. In addition, trying to hide a breach will result in more damage over the long term.
After all, would you trust a company that didn’t tell you if your data was at risk?
Antivirus software was a blessing 20 years ago. Today, however, it will only protect against an unenthusiastic hacker. Most hackers have found ways around antivirus software and can easily hide an attack from an unsuspecting user.
In other words, today’s sophisticated and quick attacks are no match for antivirus software.
A cybersecurity strategy must include preventing access, but it’s also necessary to recognize that you need a more proactive stance. You must protect against the known threats that antivirus software can spot.
But, it may be even more important to have the ability to spot unusual and unauthorized activity on a network and initiate appropriate action. If you can’t stop all attacks, at a minimum, your security system should work toward minimizing the damage.
Anyone who believes it will never happen to them is almost guaranteeing that it will. For example, many small businesses think they’re immune to cyberattacks. That’s a prime cybersecurity myth, as research shows quite the opposite:
Another issue to consider is that companies of every size store data that shouldn’t become public, or fall into a hacker’s hands. Whether it’s confidential customer information or trade secrets, there’s a hacker out there who would be interested.
You need to protect your network and your servers, but you also need to protect local PCs, mobile phones and other devices that access your network. Any device that connects to your network is a potential doorway for hackers to breach your systems.
It’s true that your IT department has the technical knowledge needed to implement security strategies. However, the users of your IT systems present the biggest internal threat – one that IT can’t control.
The problem isn’t an employee planning to steal sensitive information. The biggest threat the users present is an innocent action that has unintended consequences. For example, ransomware attacks usually start with a malicious email sent to one of your employees with a file attached.
Hackers are becoming very creative in making an email look like it’s coming from a reasonable source, and that its attachment contains an order, invoice, or some other important document. When the employee opens the attachment, they realize that it’s not real. By then, it’s far too late.
Did you know?
Training employees on cybersecurity, and educating them in how to spot a suspicious email is critical. It’s also important to have senior management support to make cybersecurity awareness part of the company’s culture.
Furthermore, the impact of a security breach takes it out of the realm of a technical problem. The financial damage makes the potential of a security breach a problem that the most senior management in the company needs to address.
Every company faces the challenge to encourage growth as they allocate funds internally. However, if funds become limited, cybersecurity may fall down the list of priorities. This big mistake is often the result of a mindset that considers cybersecurity spending to be something a company should do after funding all other “important” programs – programs that are considered critical for success.
Helpful: A Guide for Crafting a Small Business Data Backup Strategy
It’s easy to dispel this myth by looking at the impact of a cybersecurity attack. As stated earlier, SMBs have a 50/50 chance that a hacker will attack. Besides that, the financial burden that follows a successful attack can cripple or put your company out of business. In light of those facts, funding cybersecurity projects will always be the most cost effective approach.
This may be the biggest cybersecurity myth of all.
In fact, 35% of SMEs believe that they don’t need to fund cybersecurity because they have great security. That may be true in the moment, but consider that hackers are creating new ways to breach your security every day.
Establishing an active and ongoing cybersecurity strategy is the only way to do everything possible to protect your systems.
The importance of addressing cybersecurity isn’t a trend that will fade away over time. If anything, it will become more important to the future of your company as time goes on.
If you have questions about the effectiveness of your cybersecurity strategy, you don’t want to wait until you’re faced with a breach. We can help you evaluate and update your security systems. Contact us today for more information.
Your company’s data is one of your greatest assets. However, many businesses do not implement the required tools and systems until a situation occurs. At this point, it may be too late. That is why proactive measures are imperative.
For those currently seeking a backup and recovery solution, the 3-2-1 rule is a concept you should be mindful of. Acting as the best practice for data backup and recovery, it’s important to get into the habit of utilizing this highly effective strategy.
When broken down, this proactive strategy is rather simple.
The “3-2-1 backup rule” means that you should:
So, you should essentially store three backups, two locally and one remotely — hence the “3-2-1 rule.” No matter happens, this means that you’ll have a copy of your data.
According to the National Archives & Records Administration in Washington, 93% of companies who lost their data center for 10+ days due to a disaster situation filed for bankruptcy within one year of the initial occurrence (50% filed immediately).
From disaster situations to system failures, security breaches to accidental deletion, there are many causes of data loss. In fact, it’s reported that approximately 70% of all businesses have experienced (or will experience) data loss.
For this reason, the statement, “An ounce of prevention is worth a pound of cure” is incredibly relevant. By implementing the 3-2-1 rule, you can effectively implement preventative measures to avoid future data loss. As discussed, this could be the deciding factor between a company’s failure or long-term success.
To begin, you must first create a backup and recovery plan. In doing so, you’ll not only develop beneficial systems but will also become more mindful of any weak spots within your company’s current security mechanisms and data storage systems.
Could hackers easily get into your systems?
Perhaps you have yet to address your virus-protection programs?
All of these are important to consider moving forward.
In terms of the 3-2-1 rule, this three-step strategy should become an immediate priority.
Starting today, it’s important to view your data as investment capital. By implementing the 3-2-1 rule, you can gain peace-of-mind while preventing a potentially disastrous situation — the type that could potentially put you out of business.
Stephen Covey said it best, “I am not a product of my circumstances. I am a product of my decisions.”
Looking for ERP and IT solutions? Please contact us today!
You’ve likely heard about data loss and its potential impact. Unfortunately, the true costs of data loss often get covered up by the massive data breach stories that grab headlines.
Data breaches expose corporate and client data. And, when they affect major corporations like Sears, Delta Airlines and Best Buy, it’s easy to see why data day-to-day data loss stories don’t get as much coverage. The average total cost of a data breach is estimated to be $3.62 million.
Regardless, it’s important to keep in mind that disasters and accidents can cost you just as much as a data breach.
Did You Know? 43% of businesses that suffer massive data loss never reopen.
Here are a few examples of data loss and how it happens.
When looking at data loss horror stories, Pixar’s epic problems with “Toy Story 2,” definitely hit near the top of the list.
While working on the movie, one stray line of code managed to delete 90% of the film. All the Toy Story 2 backups were recorded on tapes. But without regular testing (that never happened), the team never knew if the tapes would work until they tried to restore from them.
Unfortunately for the design studio, the tapes were not running good backups. That left the company with a months old version of the file tree and a rapidly approaching deadline for a release date.
However, Pixar got lucky.
One of their employees worked from home and happened to have a copy that was only a few weeks old. The film was back up and running after a massive week of overhauls, file checks and impossible man hours.
Related: 8 Business Benefits of Having Managed Services
One badly executed command almost cost Pixar their credibility and a film that eventually went on to gross nearly $500M and walked off with an Oscar nomination.
Data loss stories aren’t just reserved for olden time.
Even in 2014, well into the age of cloud computing and near-instant data recovery systems, the State Department showed exactly how bad things could get when you don’t have a recovery plan in place.
Rolling out a software patch managed to crash the State Department’s passport and visa system, affecting more than 200,000 travelers worldwide. Neither passports nor visas could be issued or verified while the system was down.
Related: You Can’t Plan for a Disaster, but You Can Have a Disaster Plan
The State Department actually had the data backed up already, but the system itself was not.
Remember that 43% mentioned earlier?
You might not remember Ma.Gnolia, a bookmark sharing website, but it was doing quite well in early 2009.
Users could publicly or privately bookmark a site for later viewing, and all without a local save. That meant you could access your bookmarks from any device. The company suffered a major data loss that took the entire service offline. Faced with days of expensive recovery activities and a major reputation hit, the company never recovered and folded shortly thereafter.
The longer your systems are down, the more money you’re paying your employees to sit and wait. Data loss also means you’ll bring in less money due to the downtime that accompanies it.
Data loss isn’t reserved for big companies. It’s common, and it can happen at any time. Avoid being a member of the data loss brigade with a disaster and recovery plan that includes continuous backups and regular checks to ensure data integrity and recoverability.
Where do you get one of those, you ask?
Turn to your friendly neighborhood MSP, AppSolute. We’ve got what it takes to protect your data and keep your business running through the thick and thin.
Data backup is a necessity for businesses small businesses. The information you store on your computers is critical to keep your company in business. Imagine what would happen if you lost your customer records, accounts receivable, and accounts payable records. It would be difficult or impossible to keep your business running.
This guide will help you establish a backup strategy for your business.
Data backup is critical because you never know when something will happen that threatens your data and your livelihood. Consider these examples:
Data loss can happen because of hardware failure, system problems, a natural disaster, or someone leaning on a computer keyboard. Given how devastating a data loss can be, a secure plan is required.
The following steps will assist you in taking an organized approach to developing a data backup strategy that meets your company’s needs.
You may think this is an easy task, but if you have employees, you may find that you have important data stored in a variety of places, including:
Since you’re preparing a data backup strategy, take the opportunity to talk to every employee to identify the places where data is stored.
Related: 8 Business Benefits of Having Managed Services
Different backup approaches support different goals. Decide whether your business needs the ability to restore data, or to maintain your operations. In addition, decide where you should store your backups.
Today, you can store backups in the cloud, on-premises, both, or some of each. If you choose just one of those alternatives, you’re limiting your ability to recover from a problem. Using a combination or hybrid approach will help you recover from almost every type of failure.
Related: What Does an MSP Actually Do?
There are two basic methods for performing backups, file level and image level. Any employee can use file-level backups to a server for easy access. To protect an entire system, image-level backups will allow you to do fast recoveries, especially if you use a continuous recovery model where each backup is restored as it is created.
The odds are that you need to protect yourself against an employee deleting a file or files. In that situation, performing file-level backups is a good solution. However, you’ll also need to protect yourself against a real disaster.
A natural disaster such as flood or tornado could easily destroy all of your local data. If your backup hardware is in the basement of your office, no recovery will be possible. If you experience a fire in your office, the damage might not extend to your backup servers in the basement. However, if your backup strategy was for every employee to do file backups to that server, your recovery process will take much longer than you want to wait.
With the information you’ve gathered and the decisions you’ve made in steps one through three, you’re ready to document your strategy.
The strategy document should include an overview of everything that has led you to documenting the strategy. Putting the strategy in writing will help you in a couple of ways:
Once you’ve defined your strategy, put it into effect and test how well the strategy is working on a regular basis. Many companies have run into trouble because they assumed that their strategy was effective, and lost crippling amounts of data as a result.
If you’re wondering where you’ll acquire the expertise and the time to create, implement and maintain an effective backup plan, keep in mind that our AppSolute experts can relieve you of those burdens.
