How The Cloud Could Have Averted Disaster For Hundreds Of Companies Affected By These Catastrophes

Two months after hurricanes Harvey and Irma wreaked havoc on coastal cities, large swaths of the United States are still reeling from their impact. In their wake, the nation has been moved as we witness numerous communities unite to rebuild, finding their bearings among the millions of dollars of flooding damage and rampant destruction. Though the wonderful people of these cities will persevere, these wounds will leave indelible scars on the affected areas.

Even with the concerted efforts of thousands of volunteers and community members alike, Russel Honore — the former Joint Task Force Katrina commander — told the FOX Business Network that an estimated “40% of small businesses don’t survive” widespread natural disasters like hurricanes. Part of this is due to raw damage, lack of proper insurance or business infrastructure simply being washed away in the flood. Other businesses can’t afford to hemorrhage money as they wait for the electricity grid to come back online, and are forced to shutter operations for good.

However, what is even more commonly fatal to companies both big and small is the loss of vital data. Many businesses can handle cleaning up flood damage, and they regain their footing quickly after a natural disaster. Still, if on-site servers, computers or network infrastructure soaks up the bruntof the water, then it’s going to be difficult, if not impossible, to get the company back to a pre-disaster point. If a company’s main server fails, it can mean thousands of hours of hard work down the drain, the loss of most clientele and hundreds of hours of downtime spent desperately trying to recover key data, which usually remains lost forever.

But if, prior to catastrophe, a business has migrated their precious data to the cloud, they’re going to have a much easier time getting back on their feet and going straight to work. Even if an entire business is leveled, with cloud computing, employees can easily access the data central to the company’s operation and keep it afloat in the interim.

Most cloud services back up your data with several levels of redundancy, making it almost impossible to lose it all, regardless of what may come. Whether it’s earthquakes, hurricanes or solar flares, you can rest easy knowing that your data is safe and sound and ready for you to access it. It’s a much safer, more secure way to go than having a server lurking in your back office, where it’s far more exposed than you might think.

This principle applies not only to environmental disasters, but to numerous other ways companies lose data each and every day. Whether it’s a disgruntled employee damaging or stealing precious data, or a hacker snaking their way deep into your systems and holding them for ransom, it’s all too easy to lose localized data. Some business owners feel uncomfortable holding their data off-site, citing security concerns, but it’s quite the opposite: the cloud sidesteps these concerns almost entirely, guarding your data behind highly secure cloud-based computing solutions and providing you with numerous backup options. Not to mention, according to a 2012 Alert Logic report, “on-premises environment users actually suffer more incidents” than those that use the cloud, and also suffer “significantly more brute force attacks compared to their counterparts.”

While it’s true that not every business is right for the cloud, it’s certainly something business owners should look into if they want to ensure the longevity of their company. If you’re interested, sign up to get our free cloud computing report.

Posted in eTechTip - PC | Tagged | Leave a comment

Natural Disasters Can Destroy, But Your Data Is Safe If It’s In The Cloud

This past hurricane season has brought some of the most harrowing, widespread destruction the southeastern United States has ever been forced to weather. But, despite the enormous, tragic cost of these natural disasters, the people of these communities persevere. In the wake of widespread wind damage and flooding, communities have banded together. Thousands of volunteers and neighbors are working as one to rebuild and find the way forward. There is no doubt, however, that the havoc wreaked by Hurricanes Harvey and Irma will produce aftershocks that will echo through affected areas for decades.

To anyone who turtled up in their attic in the middle of the storm or just saw a picture of the wreckage in the news after the hurricanes departed, the physical damage caused by the storm is obvious. What’s less obvious is the effect these storms have on the futures of the survivors, the reverberating impact that cuts thousands of life plans short and forces individuals to completely change their course in a cruel reversal of fate.

“Forty percent of small businesses don’t survive these events,” said Russel Honore, the previous Joint Task Force commander for Hurricane Katrina. The electrical grid is knocked out for days, and businesses are forced to close the office for what they hope is a temporary period due to flooding.

Each day that a business can’t provide service, it’s bleeding money — a cost that many businesses, especially the little guys, can’t absorb. So, they close for good, their buildings go up for lease and those who were once the heads of promising young businesses are now unemployed, in the market for a job in a city up to its neck in water.

Just as common is a business that finds its central data structures wiped out by physical damage. Following a hurricane, most businesses near the storm should have little trouble cleaning up and remodeling following nasty flooding, but if their servers, computers and network infrastructure have been wiped out, it’s a completely a different story.

Oftentimes, a catastrophic loss of data will shutter a business for good. A 2010 report by technology research firm Gartner Group stated that 43 percent of businesses went belly-up almost immediately after a “major loss” of data, while 51% shut down within just two years. That leaves a measly 6% survival rate for businesses that suffer company-wide data loss.

These are scary numbers, to be sure, but there is good news: Businesses that migrate their data to the cloud are at significantly less risk of losing vital data. This is not only because your typical cloud service will back up your up-to-date data with several levels of redundancy, but because most cloud services are actually more secure than their on-site counterparts in general.

And make no mistake, businesses with on-site data are susceptible to loss far beyond physical disasters like hurricanes, flooding, earthquakes or solar flares. Don’t forget the risks disgruntled employees, freak accidents and, especially, hackers pose to your precious data. While it’s true that all of these risks still exist with cloud-based services, they’re much reduced. A 2012 Alert Logic report stated that “on-premises environment users actually suffer more [hacking] incidents” than cloud-based users, while also being subjected to “significantly more brute force attacks.” When you think about it, this makes sense. With your entire system backed up on a number of off-site locations, it’s much more difficult for hackers to encrypt the entirety of your data and hold it for ransom.

That said, not every business absolutely needs the cloud to stay secure. Certain business models need on-site structures for various reasons, and a few find it more cost-effective. Still, the cloud is definitely something that any savvy business owner needs to examine closely as a potential option. It could mean the difference between flourishing in the next fiscal quarter and going under.

Posted in eTechTip - AP | Tagged | Leave a comment

Skimp On Data Protection And Pay The Price

We’ve said it time and again: Today’s cybercriminals are using more advanced technology than ever. And those malicious tools are becoming even more sophisticated at a breakneck pace. To top it all off, new software developments are enabling these criminals to cast wider and wider nets, targeting businesses that, before, would have flown under their radar. Companies small and large, of every type, are being infiltrated by vicious cyber-attacks across the world each and every day.

Even knowing this, business owners are tempted to cut costs and corners. When you’ve never had a breach, data security can seem like a distant concern, especially for a limited budget. But regardless of which digital barriers you put in place to protect your business, you can bet on one thing: One day, your security will be tested by an attack. Whether or not the hackers punch through could mean the difference between your company shutting down for good — as 60% of small businesses do in the six months following a cyber-attack, according to the Denver Post — and remaining solvent and secure in your position.

When you’re struggling to stay afloat or simply wanting to be a savvy spender, you may think the best way to lock down your data is to put one of your staff on the task or to do it yourself.

And sure, your team can conduct hours of research searching for inexpensive security. And you’ll almost certainly find something cheap with good reviews and a decent track record. You’ll figure out how to install the software across your system, complete with firewalls, server protection, antivirus and maybe a bell and a whistle or two. Perhaps you’ll even hold a meeting to educate your staff on the do’s and don’ts of cyber security.

“Use intricately constructed passwords,” you’ll tell them. “Don’t click suspicious links in your email.”

Then, after a few days of fiddling with settings and ensuring the security software is properly in place, you’ll forget about it altogether. After all, it’s already installed, and you’ve checked to make sure there aren’t any gaps in the system. It’s not something you need to constantly monitor.

A year later, your business has — miraculously — doubled in size. You’re finally reaping profits. Best of all, a recent news story has brought your company into the public eye, and brand-new leads are contacting you every day. For the first time since the company’s inception, you can breathe easy.

Then, one Monday morning, you log into your computer. For a second, everything seems to be normal, until an innocent-looking pop-up fills your screen. “Attention!” an eerie robotic voice barks from your speakers, “Your documents, photos, databases and other important files have been encrypted!”

Thinking it’s a hoax, you click into your server drive. To your dismay, you really are locked out of everything. So, palms sweating, you read the rest of the pop-up. It provides instructions to install the deep web browser Tor as well as an address for you to visit. When you go there, you learn that in order to recover all your data, including the credit card information of your customers, you’ll need to dish out $50,000 in bitcoin.

A year ago, you couldn’t afford adequate cyber security. Can you afford $50,000 in cash today?

Identical situations are unfolding every day, with people exactly like you. Back in April, CNBC reported that across the previous 12 months, half of all small businesses had been infiltrated by malicious hackers. “Cyber security is clearly a concern that the entire business community shares, but it represents an especially pernicious threat to smaller businesses,” wrote the Securities and Exchange Commission in a 2015 report. “The reason is simple: small and midsize businesses are not just targets of cybercrime; they are its principal target.” Cheapo security solutions might be fine for a lone browser surfing the web at home, but they are shockingly inadequate resources on which to base the entire success of your company, your livelihood and the livelihood of your employees.

Frankly, it’s irresponsible to lock your data behind a flimsy $5 firewall. Invest in robust cyber security solutions and secure the future of your company.

Posted in eTechTip - AP | Tagged | Leave a comment

You’re Better Off Giving Your Employees A $1,000 Bonus Than Being Cheap With Technology

Imagine, for a minute, that you’re the CEO of a scrappy, promising new start-up. In the beginning, it was just you and two other employees working on dinky PCs out of a 12-by-12-foot office, but times are picking up and the company is heading into the uncharted waters of rapid growth.

As the business moves into the public eye — and, in turn, the hungry eyes of potential hackers — it’s become obvious that you’re going to need to lock down your data. At this critical stage, a cyber-attack could mean the death of everything you and your team have built.

But the budget is looking lean. Everything you’ve done so far has been by the skin of your teeth, so why should security be any different? You put one of your more tech-savvy employees on the case, tasking him with finding the cheapest cyber security solutions available. Sure, he may not be an expert, but he understands computers. What could go wrong?

He scours the web, perusing dozens of “Top 5 Cheap Firewall Software” articles, and, with the help of a scrappy how-to guide, installs what seems to be the best of the lot on your servers and across all your computers. The entire process takes 10 hours, and costs the company next to nothing.

Potential crisis averted, you turn your attention to other matters. We’ll revisit our cyber security later, you think, once we have a little more financial wiggle room.

Across the following year, the company’s success skyrockets. The phone is ringing off the hook, new business is flooding in and your profit margin is exploding. You even ended up snagging a feature in Entrepreneur magazine. Your company is the envy of all your peers.

That is, until the day that you get hacked. One morning, an advanced strain of ransomware easily sidesteps your free antivirus and starts wreaking havoc. It slithers through your systems and locks you out of everything, from client data to basic Word documents, and encrypts it behind a paywall, demanding $50,000 in Bitcoin or you’ll lose access to all of it — forever.

You couldn’t make room in your budget for a robust cyber security solution. Well, how does that $50K ransom strike you?

This may sound like nothing more than a horror story, but in reality, this happens to business owners all over the world each and every day. An IBM security study from last December discovered that over half of businesses surveyed had paid over $10,000 in ransomware payoffs, with 20% paying over $40,000. And that’s not even including the millions of dollars of damage caused by other forms of malicious software every year.

The fact is, when your time, money and business are on the line, it simply doesn’t pay to be cheap when choosing your cyber security technology.

Think of it this way. Say, with your free antivirus, you’re “saving” $100 a month. Lo and behold, a virus manages to punch its way through and causes chaos throughout the company server. Even if you’re lucky and it isn’t ransomware, by the time you’ve managed to expunge the stubborn virus from your business, you’ll have put in countless man-hours, guaranteed to cost you more than that $100 a month. Instead of throwing those thousands of dollars down the drain, you’d be better off giving each of your employees a $1,000 bonus!

Free antivirus software, giveaway cyber-protection, or a $5 firewall seems like a great idea, until a hacker cuts through your company’s defenses like a warm knife through butter. These guys love when they see these outdated, cheapo barriers guarding your priceless data — those are the paper-thin defenses that keep hackers in business.

You wouldn’t buy a rusty, secondhand old lock for your house, so why are you installing primitive cyber security software to protect your most precious company resources?

In today’s world of rampant cybercrime, it’s inevitable that somebody will come knocking at your digital door. When that day comes, do you want a free piece of software that you saw on LifeHacker, or a tried-and-tested, up-to-the-minute, comprehensive security solution?

Don’t be shortsighted and risk everything just to save a quick buck. Invest in your company’s future, and protect yourself with the most powerful tools on the market.

Posted in eTechTip - PC | Tagged | Leave a comment

What Will You Do When This Disaster Hits Your Business? WE PRACTICALLY GUARANTEE IT WILL HAPPEN TO YOU

In today’s world of rampant cybercrime, every savvy business owner knows the necessity of locking down their data. However, we find that the cybersecurity technologies used by the vast majority of businesses are woefully out of date. Sure, your current solution may have worked great, but digital threats to the safety of your company are constantly evolving. Criminals will eventually attempt to breach your data — and your barriers are not as secure as you might think.

Before World War II, the Germans developed a technology that would prove to be a key player in the conflict: its family of infamous Enigma machines. These devices, about the size of a small microwave, were composed primarily of a typewriter and a series of three or four rotors. By using a set of rules contained in a corresponding codebook, German soldiers would use the machine to encode vital messages to be sent covertly over the airwaves. The number of potential permutations — and thus solutions — for the code was in the tens of millions. The Germans were confident that the code could never be broken and used it for a vast array of top-secret communications.

The code’s impenetrability didn’t last. Via photographs of stolen Enigma operating manuals, the Polish Cipher Bureau reconstructed one of the stubborn Enigma machines, internal wiring and all, enabling them to decrypt the Wehrmacht’s messages between 1933 and 1938. Facing an impending German invasion, Poland decided to share these secrets with the British. But, at the outbreak of the War, the Germans increased the security of the Enigma initiative by changing the cipher system daily. In response, a British code-breaking team, led by genius English computer scientist Alan Turing, constructed primitive computers, known as “bombes,” that allowed them to decrypt the incredibly complicated ciphers faster than ever before. But it wasn’t until the capture of the U-110 warship and the seizure of its Enigma machine and codebooks that the British were able to decrypt the most complicated cipher of the war, the Kriegsmarine Enigma.

The information gleaned from these decrypts are believed to have shortened the war by more than two years, saving over 14 million lives.

Just like you, the Germans believed the systems they had put in place to defend their secrets were impenetrable. And it’s true: the system had few cryptographic weaknesses. However, there were flaws in German procedure, mistakes made by Enigma operators, and failures to introduce changes into the Enigma formula — along with the Allied capture of key equipment and intelligence — that ultimately allowed the Allies to crack the code once and for all.

Take this as a cautionary tale: The most advanced, complex cryptography system in the world became obsolete within 10 years. The same goes for your potentially outdated cybersecurity measures.

Though they may not be led by Alan Turing and his crack team, you can bet criminals are constantly chipping away at the defenses of even the most powerful firewalls. The arms race between cybersecurity companies and cybercriminals rages on behind the scenes, and you can bet that they’ve already cracked your business’s “Enigma.” Just look at the massive European cyberattack this past June, which infected computers from over 27 companies across the continent, including those of the largest oil company in Russia, with ransomware. The unimaginable cost of that attack is something you certainly don’t want your business to shoulder.

As technology evolves, so does crime. New threats arise each and every day. While solutions are available (and needed), they are notably absent in older software developed at a time before these constantly morphing attacks even existed.

Once the enemy has found a way to pick your lock, you need a new lock. Luckily, you have your trusty IT provider, constantly on the lookout for cutting-edge solutions that protect our clients from even the nastiest malware.

Don’t be like the Germans. Constantly look at options to upgrade to more robust, better cybersecurity to defend yourself from the bleeding-edge hackers, and sleep safe knowing your business is secure.

Posted in eTechTip - PC | Tagged | Leave a comment

Why Your Current Anti-Virus, Backup, and Firewall Have Been Rendered Completely USELESS (And What You Need to Do About It)

At the end of World War I, German engineer Arthur Scherbius constructed a device that would become central in another worldwide conflict of unimaginable magnitude over 20 years later: the Enigma machine. The machines, which steadily became more complex with each iteration, consisted of a series of rotors that, by themselves, encrypted messages input via the attached typewriter. Each rotor performed a simple substitution cipher, but when run through multiple rotors, the encryption reached a staggering level of complexity.

Initially used for transmitting sensitive company secrets in the commercial sector, the technology was eagerly adopted by the German military machine prior to World War II. After war broke out across Europe once again, Enigma encoding became central to the operation of the Axis powers, used for sending vital, sensitive intelligence across the airwaves. Due to the complexity of the Enigma system, the Germans were certain that the code would not, and could not, be broken.

But the Germans were wrong. Using photographs of stolen Enigma operating manuals obtained by a German spy, the Polish General Staff’s Cipher Bureau managed to construct an Enigma machine of their own, enabling them to covertly decrypt substantial amounts of Axis intercepts. Ahead of the impending invasion of Poland, the Poles shared their knowledge with the French and British military to expedite the defeat of the Germans. A massive team at Bletchley Park in Buckinghamshire, led by codebreaking master Alan Turing, became the central location for Allied efforts to keep up with Enigma operations.

Germany, still convinced the code was fundamentally unbreakable, continued using Enigma for a wide array of communications. But even the most complicated four-rotor Enigma systems were eventually decrypted. Great pains were taken to ensure the Germans never learned their precious code had been broken, labeling any intelligence gained from Enigma as “Ultra,” keeping the significance of Bletchley Park’s operations under wraps. Ultra-intelligence was used sparingly to avoid German suspicion.

The efforts of the Polish Cipher Bureau, Alan Turing, Bletchley Park, and the hundreds of men and women who contributed to the cracking of the Enigma code were described as “decisive” in the
shortening of the war, and, at the high end, are estimated to have saved over 14 million lives.

Much like the Germans who assumed Enigma was uncrackable, most business owners believe their current, potentially outdated, cybersecurity measures will keep their data safe. But, in the contemporary age where digital information is as precious as gold, cybercriminals are working around the clock to penetrate even the most robust security solutions. You can bet they’ve already created a workaround for your current anti-virus. What was good enough before may not be good enough today. After all, it’s simply impossible that a security solution from even two years back could be equipped to defend your precious data from a cutting-edge hacking technology that didn’t even exist when it was created.

Today, companies that fail to stay abreast of the latest cybersecurity trends — clinging foolishly to their own Enigma — are certain to pay the price down the line. Once the lock is picked, you need a new lock, and criminals are cracking new locks each and every day.

Luckily, as your IT provider, we’re cybersecurity experts, and we constantly seek the latest and most robust security solutions. Don’t leave your company’s security up to a false sense of confidence. Always be looking at options to upgrade your digital security and make it a sure thing.

Posted in eTechTip - AP | Tagged | Leave a comment

The ONE Thing You Must Do to Keep Your Data Safe in the Cloud

How secure is your data? Cloud data storage is becoming a massive industry in this country, and many businesses and other institutions are putting their data into the cloud. Some of this data is pretty harmless. Other stuff — like hospital records, banking information, or company payrolls — are prime targets for bad actors. Is the cloud storage tradeoff worth it?

The short answer is yes, but only if your IT guy is encrypting your sensitive data.

Every cloud storage company you talk to will claim to take top-of-the-line security measures on behalf of your data. But that, in a nutshell, highlights the problem with cloud storage. Your data is entrusted to a third party for safekeeping. It’s possible that they’d do everything in their power to safeguard your information. But bad things, like ransomware, phishing, or just plain going out of business, do happen. And when they happen, it’s not the cloud storage company whose data is on the line; it’s yours.

Even if that doesn’t occur, let’s be honest. Most of the major cloud storage companies are based in the United States, the U.K., or France, where they could be subject to NSA snooping (or questionably legal surveillance from any other government entity). Despite the best efforts of many storage companies to prevent government intrusion, your data could still be at risk, even when it’s locked up tight.

This brings us back to encryption, which is the hands-down best way to protect your data, period. It’s just like locking sensitive data in a box, with a password needed to reopen it. Even if someone gets ahold of the box, if they don’t have the password, there’s nothing they can do with it. You can encrypt data yourself with free tools. There are a lot of encryption tools out there and you’ll want to make sure that you have the right one for your specific needs. If you ever need a recommendation, don’t hesitate to reach out and ask! We’ll be happy to provide you with the specific recommendation (free or paid) that fits your needs.

In addition, most cloud storage companies protect your data with their own encryption, but this isn’t as secure as encrypting your own information. That’s because the cloud storage company has the encrypted data in its possession, but it also has the keys to that data. If someone can get in, they can probably get the information they want. And a disgruntled employee — or just a hapless one — can also provide hackers access to the system through good old-fashioned human engineering.

If the cloud storage company is compromised (and it happens quite often), will your data be secured or unsecured? Well, if you’re encrypting your own data before uploading it, then the bad actors will open up the safe to find … a bunch of locked boxes. Pretty frustrating, right?

On the other hand, if you’ve trusted the cloud storage company to take care of everything, you’re going to have a bad day.

As you can tell, it makes sense to have your IT guy encrypt everything that gets put on the cloud before it gets there. But remember, just as your cloud storage provider is vulnerable, you can be vulnerable as well. It’s less likely that bad actors will target your company specifically, but if they want your data bad enough, they’ll go to great lengths to get it.

Many people have a misconception that these criminals will just use a magic program to crack your encrypted files. Decryption does exist, but it requires a lot of time and processing power. It’s far more likely that hackers will target your email or other aspects of your system and try to find out the encryption codes that way. And never forget that people are the weakest part of your IT security. Educate employees so they aren’t vulnerable to phishing scams, downloading questionable software, and visiting the wrong websites.

Present a “hard target” when it comes to your cloud storage, and seriously, encrypt your data before you put it online. If your IT guy isn’t doing that already, you need a new one.

Posted in eTechTip - AP | Tagged | Leave a comment

Amazon’s CEO Jeff Bezos’ Secrets to Avoiding Email Overwhelm

Do you look at your inbox and want to cry? If so, you’re not alone. According to widely cited Radicati Group research, the average person gets 120 business emails every day. If you don’t manage your emails, you could end up in another statistical majority. People spend at least 14 percent of their workday on email alone. Is it any wonder that a recent Harris Poll found that only 45 percent of our workdays are spent on actual work? If you’re looking for the solution to your email woes, start with some of Silicon Valley greats.

Bezos Delegates

If you want to watch a corporate team start to sweat, see what happens when they get a “?” email from Jeff Bezos. Business Insider reports that the notoriously easy-to-contact Amazon CEO will forward customer complaints to his people and add only a question mark to the original query. Getting that dreaded mark is a little like getting the black spot from Blind Pew the pirate. You know that a day of reckoning is at hand. Follow Bezos’ lead. Instead of answering all emails yourself, ask, “Can this be better handled by someone else?” Forward it to your team and save yourself the time.

Use Auto Replies

You can also use auto-reply tools to manage the flood. Tommy John CEO Tom Patterson did just that after his emails skyrocketed from 150 to 400 a day. He tells Inc.com that “there weren’t enough minutes in a day to answer all of them.” So he didn’t; he set up an auto-reply to tell people that he only checked email before 9 and after 5 — and to please call or text if it was urgent. The result? “It forced me to delegate and empower others to respond,” he says. Suddenly the flow slowed to a trickle.

Do You Get More Than Bill Gates?

And it really should only be a trickle; Bill Gates reports that he only gets 40–50 emails a day. Ask yourself, “Should I really be getting more emails than Bill Gates?” One possible cause for email inundation, according to LinkedIn CEO Jeff Weiner, is other employees sending too much email of their own. He writes, “Two of the people I worked most closely with ended up leaving the organization within the span of several weeks after they left I realized my inbox traffic had been reduced by roughly 20–30 percent.” If you have over-communicators in your ranks, ask them to tone back the digital flood.

Set Boundaries

Creating a hard buffer between your email and your life is another CEO tactic. Arianna Huffington doesn’t check her email for a half hour after waking or before going to bed, and she never touches it around her kids. That space to breathe is essential to maintaining a work-life balance. And if it gets bad enough? Etsy’s Chad Dickerson has a solution: email bankruptcy! He tells Fast Company that every few years, he just deletes everything and starts fresh!

Not all Silicon Valley gurus have it figured out, however. Apple CEO Tim Cook doesn’t get 120 business emails a day. No, according to an ABC interview, he gets closer to 700. He just gets up at the crack of dawn every morning and starts reading. Hint Water CEO Kara Goldin does the same thing, preparing for a 12-hour workday with a marathon email session. But as you can tell from the other people we’ve discussed, this is an exception, not the rule. Emulate Jeff Bezos or Arianna Huffington instead and watch your email stress melt away.

Posted in eTechTip - PC | Tagged | Leave a comment

The Dirty Loophole That Lets Insurance Companies Refuse to Cover a Cybercrime Theft in Your Business

As hacking hit the headlines in the last few years — most recently the global hack in May that targeted companies both large and small — insurance policies to protect businesses against damage and lawsuits have become a very lucrative business indeed. Your company may already have cyber insurance, and that’s a good thing. But that doesn’t mean that you don’t have a job to do — or that the insurance will cover you no matter what.

When you buy a car, you get the warranty. But in order to keep that warranty valid, you have to perform regular maintenance at regularly scheduled times. If you neglect the car, and something fails, the warranty won’t cover it. You didn’t do your job, and the warranty only covers cars that have been taken care of.

Cyber insurance works the same way. If your company’s IT team isn’t keeping systems patched and up to date, taking active measures to prevent ransomware and other cybercrime attacks, and backing everything up in duplicate, it’s a lot like neglecting to maintain that car. And when something bad happens, like a cyber attack, the cyber insurance policy won’t be able to help you, just as a warranty policy won’t cover a neglected car.

Check out this real life policy exclusion we recently uncovered, which doesn’t cover damages “arising out of or resulting from the failure to, within a reasonable period of time, install customary software product updates and releases, or apply customary security-related software patches, to computers and other components of computer systems.” If your cyber insurance policy has a clause like that — and we guarantee that it does — then you’re only going to be able to collect if you take reasonable steps to prevent the crime in the first place.

That doesn’t just mean you will have to pay a ransom out of pocket, by the way. If your security breach leaves client and partner data vulnerable, you could be sued for failing to protect that data. When your cyber insurance policy is voided because of IT security negligence, you won’t be covered against legal damages, either. This is not the kind of position you want to be in.

All of this is not to say that you shouldn’t have cyber insurance, or that it’s not going to pay out in the case of an unfortunate cyber event. It’s just a reminder that your job doesn’t end when you sign that insurance policy. You still have to make a reasonable effort to keep your systems secure — an effort you should be making anyway.

Posted in eTechTip - AP | Tagged | Leave a comment

The Most Common Ways Hackers Access Your Network

You are under attack. Right now, cybercrime rings in China, Russia, and the Ukraine are hacking into small businesses like yours to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses, and half of all cyberattacks are aimed at small businesses. The National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year. It’s critical that you protect yourself from the following 10 vulnerabilities.

  1. Poorly trained employees are the biggest risk. It’s common for an employee to infect an entire network by opening and clicking a phishing email designed to look like legitimate correspondence from a trusted source. If they don’t know how to spot infected emails or online scams, employees can easily compromise your entire network.
  2. We strongly recommend an acceptable use policy that limits the websites employees can access with work devices as well as work material they access with personal devices. We can easily set up permissions that regulate which websites your employees access and what they do with company-owned devices, even granting certain users more freedom than others. You also need to detail what an employee can or cannot do with personal devices when taking work home.
  3. Weak passwords are bad news; passcodes should be at least eight characters long with both lower and uppercase letters and include symbols and at least one number. On a company cellphone, requiring a passcode makes stolen devices harder to compromise. Again, this can be enforced by your network administrator so employees don’t get lazy and put your organization at risk.
  4. If your networks aren’t patched, new vulnerabilities (which are common in programs you already use, such as Microsoft Office) can be exploited by hackers. It’s critical that you patch and update your systems frequently. If you’re under a managed IT plan, this can be automated so you never miss an important update.
  5. Are you backed up in multiple places? Aggressive ransomware attacks, where a hacker holds files for ransom until you pay a fee, can be foiled by backing up your data. You won’t have to pay a crook to get them back. A good backup will also protect you against accidental deletion and natural disasters, and it should be automated.
  6. One of the fastest ways cybercriminals access networks is by duping employees to download malicious software by embedding it within downloadable files, games, or other innocent-looking apps. This can largely be prevented with a secure firewall and employee training and monitoring.
  7. Not all firewalls are created equal. A firewall blocks everything you haven’t specifically allowed to enter or leave your network. But all firewalls need monitoring and maintenance, just like all devices on your network, and a weak one does you little good. This, too, should be done by your IT person or company as part of their regular, routine maintenance.
  8. Many hackers exploit your devices when you connect to public Wi-Fi, getting you to connect to their Wi-Fi instead of the legitimate public one. Always check with a store or restaurant employee to verify the name of the Wi-Fi they are providing. And never access financial or medical data or enter your credit card information when surfing public Wi-Fi.
  9. It may be one of the oldest tricks in the book, but phishing emails still work. The goal is to get you to download a virus by clicking a link or getting you to enter your login information on a clone of a legitimate website.
  10. In 2009, social engineers posed as Coca-Cola’s CEO, persuading an executive to open an email with software that infiltrated the network. Social engineering is another old-school tactic, but, like phishing, it works well. Hackers pretend to be you, and people often fall for it.

If you are concerned about cybercriminals gaining access to your network, then call us to learn more about implementing a managed security plan for your business. You’ve spent a lifetime working hard to get where you are and have earned every penny and every client. Why risk losing it all? Get the facts and be certain your business, reputation, and data are protected.

Posted in eTechTip - PC | Tagged | Leave a comment
  • Categories

  • Categories

  • Archives