Are Cybersecurity and Internet Safety the same?

/in , /by

We use it, but we don’t think about it. Modern society is dependent on technology. Whether it’s your TV, the Internet, a laptop, or a phone, there’s no denying how much life has changed over the last two decades. This online access means that individuals and businesses need to be diligent about their Cybersecurity and Internet Safety.

We hear the terms cybersecurity and Internet safety, but are cybersecurity and Internet safety the same? The short answer is no. However, cybersecurity and Internet safety can incorporate many similar elements, and both involve online safety solutions. Yet, there are differences, which we’ll explore in this blog post. Essentially, internet safety is about individual people and their safety, while cybersecurity is more about securing devices or information held on systems.

Internet safety

When we talk about Internet safety, we refer specifically to an Internet user’s awareness of their online safety. This awareness reflects their knowledge of the security risks to their private information. Many users are unknowingly open to threats to online safety. Their data and identities are juicy targets hackers are after.

With the rapid growth of the Internet, many services became accessible to users from all over the globe. Unfortunately, as digital communication increased, so did the incidence of malicious use for personal gain. This risk is a huge concern for children and the elderly, but anyone can become compromised. Common safety threats include internet scams, malware, phishing, cyberbullying, cyberstalking, sextortion, and online predators.

The awareness of internet safety is an important step for individuals in their private lives. This also applies to businesses and their employees. The risks they face are not only personal but also impact their organizations.

Cybersecurity

When we talk of cybersecurity, we refer to how organizations and individuals reduce the risk of cyberattacks.

The core function of cybersecurity is to protect the device rather than the individual. This protection also incorporates the services accessed at work and online from damage or theft. Finally, cybersecurity is about preventing any unauthorized access to personal information stored online and on devices.

Three key differences between internet safety and cybersecurity

1. Internet safety is about the protection of people, while cybersecurity is the protection of information.

2. Poor internet safety means that individuals are vulnerable on a personal level. Poor cybersecurity means that a system is vulnerable to hackers.

3. Internet safety relies on strong passwords, mindful downloading, and careful posting on social media. Likewise, cybersecurity relies on features like firewalls, up-to-date software, and multi-factor authentication.

Protect your business with an MSP

While both internet safety and cyber security are important, it is cybersecurity that businesses need to focus upon. One wrong move and the whole business could be devastated. However, business owners can be proactive in protecting their organization and their assets by hiring a Managed Service Provider to assist with their cybersecurity and cybersecurity insurance.

Final thoughts

When a security breach can ruin your customers’ trust and your reputation, businesses must consider cybersecurity seriously. Bringing aboard a Managed Service Provider is a proactive way for business owners to ensure they have protection and the most appropriate cybersecurity insurance for their organization. Every MSP must stay up-to-date with the latest cybersecurity threats.

And for anyone who is ever online (most people!), it’s essential to know all about Internet safety too. View our Cybersecurity Resource to download our Internet Safety eBook.  This is a great resource for everyone: children, parents, older people, employers, and employees alike. If you have any questions, feel free to contact us.

Beefing Up Your Communication Security

/in /by
When it comes to personal or business data security, you must know how to spot bogus links. Recognizing fake email links that might lead to fraudulent pages is a challenge for many people. The fact that hackers are using more advanced methods makes it worse for all of us. That is why beefing up your communication security is very important for your business data. Indeed, hackers are using advanced methods to make the links they’re sending out will look legitimate. Unfortunately, this leaves people unsure of whether the link they’re following is legitimate or fraudulent. Luckily, there are ways to check whether a link is legitimate. That’s why, today, we’ll be looking at how you can incorporate spotting fake email links into your in-house security training. After focusing on fake links and their dangers in our previous blogs, today’s blog will summarize everything we’ve shown you so far. By doing so, we’ll help ensure you’re getting the right approach to your communication security and keeping everyone safe!

How Communications Technology Can Threaten Your Security

Modern communications technologies put many people at risk, and as a result, it’s crucial to be aware of how these risks threaten your security. There are many ways by which communications technology is problematic, and some of the risk factors include the following:
  • Text message scams which include fraudulent links
  • Emails sent to your address that include fake links to sites that seem genuine
  • Fraudulent links through social media and messaging apps leading to malware-infected sites
These are just a few of the most common communications technology threats. You and your staff should be aware of these possibilities when opening emails, texts, or social media communications.

Why Adding Fake Link Prevention to Staff Security Training is Crucial

If you have been considering your next staff security training, adding fake link prevention is critical. Your security training sessions give your team an ideal opportunity to learn more about the dangers posed by clicking on bogus email links. This extra step helps ensure that your team knows how to stay safe while completing their daily tasks. By doing so, you can protect your client data from the risk of security breaches while also preventing hackers from getting access to your business funds. Moreover, giving your staff information they need helps them avoid the risks of falling prey to fake links in their personal life. This knowledge increases the chance that they will stay safe in the workplace. Fewer data breaches will lead to better overall employee morale. After all – it’s a well-known fact that happy employees are more effective and efficient workers. This efficiency is not only good for your staff but also your business. As such, it’s pivotal for businesses to incorporate fake link prevention and protection strategies into their staff security training. This step can also protect your business data while ensuring that your customers have confidence that their data is secure. Meanwhile, it can also help boost your staff’s morale by teaching them to be safe and protected in their personal life. So, the benefits can be numerous!

Beefing Up Your Communication Security by  Staying Safe from Security Challenges

To stay safe and protected against security challenges, you should consider the following tips. These will help you avoid falling into the trap of fake email links, which could have numerous consequences for your personal and business security. First, it’s vital to check where the link in question will take you. This step is easy to do. To start with, if the anchor text is a visible hyperlink, check that this is legitimate by looking for any signs of fraudulent links. You should also check where the hyperlink is taking you by right-clicking on the link before following it. For example, if a legitimate website ends with .com, check that this hasn’t been tampered with in the link. An obvious sign of a false link would be if the address ends with .co.uk, .xyz, .club, or other uncommon domains. Second, check the sender’s details. You can search for email addresses and phone numbers online. If a quick search doesn’t yield much useful information, you could also directly contact the company. In this case, you should ask them whether this is their genuine contact number or address. Most companies will be more than happy to help! Finally, make sure you have your antivirus protection in place. Antivirus is surprisingly affordable nowadays. Your local IT service provider can help you choose the antivirus software that’s best for you. If you need help in beefing up your communication security contact us now!

Modern-Day Communication, The Dangers Behind It

/in /by
When it comes to IT security solutions, there are a large number of threats facing us. Modern-day communication technology has opened up a massive amount of potential for people; however, it also poses a significant threat in terms of security. Threats are increasingly advanced as time passes by, and this is endangering the safety and security of our data and private information. That’s why we have come up with this blog. We want to bring light to the dangers of modern security and how you can get professional support to avoid these risks.

How Advanced Modern-Day Communication Systems Endanger Our Data

Modern-day communication systems have transformed how we live our lives. However, these modern technologies have opened us up to a great deal of risk with our security. Many employees are at significant risk by using modern communication technology because they don’t understand the danger. Fortunately, though, our team is on hand to help you learn more about these threats. We’ll also discuss what makes internet communication risky and how you can protect yourself against these threats.

Employees are Spending More Time on Technology

A critical risk for people is that we are all spending more time on our electronic devices. Technology is a constant part of our lives. People spend more time on technology and the internet than ever before. That means the risk posed for their security is also growing. Internet security has never been more important, simply because we are all spending more time on devices. By spending more time on communications software, we are putting ourselves at a greater risk of losing our data to hackers and security breaches. Unfortunately, criminal methods used to get access to our data are becoming more sophisticated. It’s not easy knowing a genuine link from a dangerous or malicious link intended to harm us.

How Hackers Trick us into Exposing Our Devices

Hackers are becoming increasingly aware that their old tactics aren’t working as well as they once did. Yet, with the rise of advanced security systems, many hackers face new challenges to continue their devious ways. Now they are turning to communications systems for opportunities. This tactic is something that has taken the world by surprise, particularly during the Covid-19 pandemic. Indeed, with the arrival of the pandemic, the world switched to online shopping almost overnight. As such, hackers quickly took advantage of this new opportunity for gaining access to personal data. This shift represents a severe security risk that is putting people at risk today.

Fake Delivery Messages: The Most Common Security Challenge

The most notable of these scams at present are the fake delivery messages. These scams have become incredibly common, and because so many of us have been ordering products online, it can be easy to fall into this trap. Indeed, most fake delivery messages require users to follow a link to “reschedule” an order that failed to arrive. But, of course, these ungenuine links are taking us directly to websites that are malicious in some manner. In some cases, they merely request us to pay a small sum of money and nothing more. But this is the lesser of many evils. Other scams include collecting personal data and even compiling card details, leading you to a substantial loss of money. As such, the risk posed by these fake delivery messages is staggering.

Email Attachment and Social Media Communication Security Scams

Another common scam that people should be aware of when it comes to communication security is email risk. Indeed, hackers are becoming increasingly crafty with the phishing and malware emails they are sending. These emails, designed to fool people into thinking that they’re sent from a legitimate sender, encourage the reader to visit the linked site. In turn, this can lead to malware or phishing software downloaded onto the device. Naturally, this can cause you a great deal of distress. Another common form of this scam is from hacked social media accounts. If you get a strange message from a friend or contact on social media, especially if it links to an external video or website, you might find that it takes you somewhere that infects your device.

Final Thoughts About Modern-day Communication

In any of these scenarios, the risks posed by communication security challenges are very much real. When using any communication technologies, be aware of the potential risks you could be facing. If you need any help in regards to internet security feel free to contact us.

Clicking Fake Links, The Horror Behind It!

/in /by
When it comes to using the internet, you know how things can go wrong. We all like to think that our online activities are safe and protected. However, the reality is that hacking methods are increasingly creative to get people to clicking fake links. As such, today, we’re here to draw attention to the horror stories that occur when people fall for bogus email links and the best tips for fake link prevention.

What Are the Dangers for Business Owners Clicking on Fake links?

An increasing number of businesses are targeted daily to trick them into clicking fake email links. Hacking methods are getting more and more creative. As such, recognizing which email links are legitimate and which are not can be incredibly difficult – and as such, you should always be alert when using communications software to make sure you don’t fall into these traps. Fake links come with numerous associated dangers. That’s why, today, we’ll be looking at a few of the implications that falling for these traps can have.

Loss of Personal Data

You must protect your data at all costs. Personal data includes information such as your name, address, date of birth, and banking info. Hackers use this personal data to target you. Your stolen information can create fake identification and credit cards. This data is also commonly sold on the dark web to bidders who collect personal data of this type. Consequences associated with the loss of personal data are irritating and a nuisance. However, if hackers use your data for false identification, the consequences for you could be severe. After a breach, you may find yourself in thousands of dollars of debt. Or, quite possibly, your bank account drained. As such, fake links prevention is imperative for protecting yourself from personal data losses.

Financial Data Losses

Financial losses are the most common, as this is the primary goal of the hackers. One of the most common forms of fake email links is the increase in home deliveries resulting from the Covid-19 pandemic. This trick is a relatively simple scam. Hackers will send texts to thousands of random phone numbers. These texts inform the reader that their delivery failed, and a small redelivery fee is needed to reschedule. This form of fraud is usually opportunistic and low-value. However, some hackers will gather financial data and hack bank accounts or take out loans. This scam, in turn, gives criminals full access to your money. It’s easy to see where the risk lies. Another potential threat from clicking on fake links is that the website could download malware onto your device. Malware can gather data about your personal and financial information. Once again, hackers use the breached data to access your financial records. As we’ve seen, this can lead to substantial losses. Whether the information is volunteered readily or taken by force, these are risky situations to correct. As such, awareness of the best fake link prevention strategies is everyone’s goal.

How to Avoid Fake Links

Fake links are, unfortunately, all too common. Hackers are using these tactics more regularly, and they are also becoming more creative in their attempts. For the average employee, fake link prevention is increasingly difficult. Recognizing these dangerous email links is a genuine challenge for many people. Being aware of avoiding dangerous email links and protecting your precious personal and financial data is more crucial than ever. There is a lot of pressure on employees these days. Luckily, our team is on hand to give you a few tips to help you avoid falling prey to malicious hackers. First of all, before clicking any links in messages, emails, or on social media, make sure to check the URL to ensure it looks legitimate. Hackers use this common tactic to convince people to click on a fraudulent link. Often, this will be something as simple as changing the domain from .com to .xyz or .club, or something along these lines. Many people won’t recognize this subtle change, so it’s always worth checking before clicking unknown links. Next, check the link’s source. If you have any doubts about the sender’s legitimacy, navigate to the supposed firm and send a request to their official customer support team. They should be happy to answer whether the email address is a legitimate one. As a final protection, make sure you have the best defence in place for your device! Having anti-virus software and an updated firewall is crucial protection. Don’t leave this to chance. If you have any questions and need help please contact us. We are happy to help!

Spot Fake Links In Your Emails

/in /by
Opening unknown links can be a risk factor for your business and staff. As a result, more and more business owners have incorporated fake link prevention strategies into their security training. We’ve come up with a few tips to help ensure that your staff members have the critical information on how to spot fake links. This training can help prevent hackers from gaining access to your business. In cases like this, it is better to be proactive rather than reactive after a breach.  

How to Spot Fake Links: Brief Staff Security Training Guidance

If you have been considering covering bogus links with your staff security training, you’ll want to consider the following how to spot fake link prevention tips. These security training tips will help to give your staff the tools they need to stay safe and protected against the dangers posed by malicious links.

Staff Security Training Tip #1: Check URLs Before Following Them

One important tip for your staff as part of their security training is to check all URLs. A URL is the web address that you follow when you click a link. A common trick used by hackers to make the URL seem authentic is to use a similar URL mimicking a legitimate website. For example, one switch would be disguising bogus links by changing the website name from ‘example-site.com’ to example_site.com.’ This tiny change often goes unnoticed but could lead to your staff getting caught by a fake link.

Here are more examples:

If you regularly deal with Amazon, you’ll notice that their URLs look like these: orders@amazon.comservice@amazon.com, or membership@amazon.com But bogus URLs will look like these: hurry@amazon-$75.combuddy79@my_amazon.com, or service@amazon-helpmenow.com Often, the URL won’t contain the name of the sender at all. You may see URLs like these: clickhere@davisneedsshoes.orgholographic_iris@$9di4!wow.net Question any link that seems out of place. If your staff doesn’t check these carefully, it can be easy to fall into a trap. As part of this staff security tip, make sure they’re aware to check both the name of the link and check where the hyperlink goes. Hackers can easily disguise malicious links as legitimate links by using a website name as the anchor text. But, instead of taking you to the legitimate website, the link redirects you to a fake site. Luckily, checking the destination of a hyperlink is easy, especially on computers; simply right click and you’ll get an option to see or edit the hyperlink.

Staff Security Training Tip #2: Don’t Open Unknown Emails

A second crucial tip is to ensure that your staff does not open unknown emails. For many people, this is not easy to do. After all, how can you tell whether a sender is legitimate or not? It’s easy to understand why this is so difficult. Some people struggle to decide whether the contact details for a firm are legitimate addresses or not. Luckily, we have a few tips for this. Firstly, for text messages and telephone contacts, look up the telephone number from the source. A quick search will often give you the information you need to know. Most companies will have these numbers listed on their website’s contact details. Alternatively, if the phone number is not legitimate, many sites now exist to display shady phone numbers; as such, searching the phone number alone may be enough information to help you decide if the text was legitimate. As part of checking a sender’s identity, you can also search for a specific email address to see if any information comes up. Most companies will have their contact email addresses displayed on their website. Check If the email address in question is on the website so you can confirm that the links are legitimate. If the exact email address does not appear on the website, you should question its authenticity. If you struggle to find the correct information directly from a search, don’t be afraid to contact the company in question. Most companies are more than happy to help if it means preventing a scam from occurring in their name. Checking the legitimacy of the phone number or email address is one of the best ways to check whether a link is legitimate or fake. Ensure that your staff knows to do this for any communication containing a link.

Staff Security Training Tip #3: Get the Best IT Support and Antivirus Software

As a third and final tip for your security training, we cannot stress the importance of good anti-malware and antivirus solutions highly enough. Having these in place and installed on all of your devices can provide a good security backup. This practice is vital in case someone accidentally follows an illegitimate link that tries to download harmful software. Antivirus software is highly affordable nowadays and doesn’t take long to set up in your office. If you have any questions about this, contact us today. We will help you find the best antivirus software for your needs, as well as offer training to your staff.

Is Your Company Already on a Hacker’s Watchlist?

/in /by

As a business owner, you are already aware that your company might be vulnerable to attacks by hackers. Your concern is justified because 65% of cyber-attacks are aimed at small businesses. There is a good chance a hacker is using sophisticated software to try and hack your network right now.

 

Even if hackers haven’t found a way into your system yet, you can be sure that they are trying to find a way to:

  • send emails from your email servers that destroy your company’s reputation (spam, porn, confidential customer information, etc.)
  • gain access to your accounting and banking systems
  • or steal your data and hold it hostage (ransomware) until you pay them an exorbitant amount of money to get your data back.

 

Did you know that it takes an average of six months for businesses to realize that they have been, or are being, hacked?

 

After the hack is discovered, it can weeks 6 – 8 weeks disable and remove all the threads of the attack. The attack is removed, but the damage has been done. How long does it take to restore a damaged reputation, or to be trusted again by a vendor or customer who was affected by your hack?

 

 

So, why do hackers target small businesses? Some of the reasons are obvious, and some may surprise you.

Here are 4 reasons why small businesses get hacked:

 

  1. Under the Radar

Not every hacker wants to be famous. Most don’t care about getting their conquests splashed all over the news.

 

Hackers attack small businesses because these companies are less likely to report security breaches and more likely to pay the ransom.

 

Reporting a breach is damaging to the company’s reputation. A company might prefer to deal with the damage or pay the ransom rather than go public. In fact, in one study, 53% of companies paid the ransom immediately. In addition, what many companies find out is that, even if they report the breach to the police, law enforcement agencies are not cybersecurity experts and can’t be of much help.

 

  1. Complacency

Every business has to prioritize spending. Initiatives that grow the company’s revenue and profitability are the priority. IT upgrades and advanced cybersecurity services and tools aren’t an immediate need so they don’t make the top of the list.

 

Unfortunately, the reality is that your old security software is not “good enough” to stand up to today’s sophisticated cyber-attacks. “Good enough” makes you an easy target.

 

  1. Employees inviting viruses and hackers

This one is shocking. Research from Stanford University found that 88% of ALL data breaches are caused by employees. Here are a few of the most common ways employees invite trouble:

  • Weak/reused passwords – Weak and/or reused passwords are asking for trouble. Because of our bad habits, it’s best to require strong passwords that must be changed periodically
  • Access control – When we start working with a new client, we frequently find that front line employees actually have access to company financial and payroll information even though they’ve never looked for it. Their access has not been restricted to only what they need.
  • Failure to install updates – Installing updates is a pain and occasionally cause problems, so updates are put off indefinitely.
  • Email attachments – An employee opens an email attachment that unleashes a virus on the entire network and they don’t even realize it.
  • Unlocked doors – Your system may not require new files to be scanned for viruses/malware (i.e. files received in email or on flash drives). It’s like having a flashing neon WELCOME sign.

 

Small companies don’t have the advanced skills required and training happens rarely, if ever.

 

  1. You’ve been hacked before

Hackers are like sharks: they can smell blood in the water from miles away. Once the word gets out that you’ve been hacked, and that you’ve paid the ransom, you’ll have hackers lined up around the block. Like a lot of criminals, hackers are looking for the path of least resistance. Once they hear you’re an easy target you’d better prepare yourself for all kinds of cyberattacks.

 

Take Action

It takes work to be ready in today’s cyber landscape. The steps include:

  • a comprehensive cybersecurity strategy
  • staying up to date on the latest hacking practices
  • acquiring, maintaining and using the latest cybersecurity tools
  • a scheduled data backup system that also verifies the backup up data is not corrupted
  • training your employees on what to look out for and what to do

 

Almost every day there are news stories about companies getting hacked, big companies paying millions in ransom. Companies like Apple, Amazon, Target, and Facebook can afford the best security available, yet they still get hacked.

 

What you don’t hear about is the small businesses shutting down because they’ve been crippled by a cyber-security breach. A shocking 60% of small businesses that are crippled by a cyberattack will not recover.

 

 

Make cybersecurity a priority for your business and you’ll increase your chances of staying off a hacker’s watchlist.

 

Information technology is a tool. If we can help you navigate your way to a more productive, efficient and safe operations, accounting and/or IT system, then you can focus on growing your business.

 

If you’re serious about protecting your company from being crippled by a cyberattack, check out our website or contact us. Ask for Tim Adornetto to get your no-cost, no-obligation system analysis.

 

IT Benefits and Threats – A Quick Guide to Being Prepared

/in /by

Technology is changing at a rapid pace and technology threats are coming fast and furious.

 

How well is your company doing to keep up with these changes and challenges – especially the threats that you don’t even know about yet?  Some threats to your IT well-being are simply failures to identify the warning signs.  Other threats are more severe.  You may already have malware inside your IT system and you may not even know it.

 

For example:

  • Is one of your servers sending messages about an imminent hard drive failure to a log file that no one reads?
  • Has one or more of your computers been infected with a virus that is waiting for the right time to unleash the damage?
  • Is a hacker logging every key pressed on an employee’s keyboard including passwords for your operations and/or accounting system?

 

Even if you are a small business, your IT network is the lifeblood of your business. It’s not recommended to put your network in the hands of an employee who has had to learn how to add users or change passwords. The safety and security of your network is at risk.

 

Even if you have an IT team maintaining your systems, when is the last time they did a training session?  Six months ago? 2 years ago? Can’t remember?

 

Because the technology and the risks are changing constantly, IT people need regular training on security, networking, server operations, desktop operations, software, etc.   Very few IT people have the capability of absorbing and mastering all of the different specialties.   Just like you don’t expect a foot doctor to perform brain surgery, you don’t hire a desktop person to secure your network.

 

There is a Better Way

 

Consider using a Managed Services Partner (MSP). There are many benefits:

  • You get the entire MSP team and all their combined knowledge and experience in their areas of expertise. They know how to maximize your team’s productivity and protect your IT system from the latest technology threats.
  • Many MSP agreements are fixed price agreements (read the fine print as to what is included). You can budget for a fixed price each month and know that your technology is being managed and that threats are being prevented or detected before they cripple your company’s network.

 

  • You want no downtime. Downtime costs you money. Your MSP doesn’t want you to have downtime either because it costs them more to fix a problem than it does to prevent a problem. The MSP’s interests are aligned with your interests. You both want a well-functioning system with no downtime.

 

At first glance, an all-inclusive MSP agreement looks expensive. However, consider what you already pay for less service, the costs for your IT system to be down for one day – or three days and the expense to fix what is broken.  And, if you get breached, the costs will multiply.

 

A fixed fee, all-inclusive MSP agreement is friendly to your budget and it provides peace of mind. You have a knowledgeable IT partner making sure your IT assets are healthy and protected.

 

At CCS, we don’t want to benefit from your business pain. We want to share in your increased productivity, profitability and your success.  If you are looking for an IT partner and not just the low-cost computer fixer, check out our website.

 

In the meantime, check out our latest video below (1 minute, 17 seconds) for a quick look at the benefits of finding the right managed service partner.

 

Are You Happy With The ROI of Your Information Technology Person/Team/Provider?

/in /by

One of our clients (for the sake of privacy we’ll call them Acme Distribution) started with a “break-fix” IT strategy. Acme had computer equipment, a network and some knowledge about how to fix simple issues (resetting passwords, adding a user, etc.).

However, when more complex issues came up (e-mail not working, printers not printing, hardware failures, viruses and network issues), Acme paid service providers to fix those issues. Some months the cost was minimal. Some months the cost was tens of thousands of dollars.

One month a relatively new computer virus cost the company $28,000 because all but a few computers were infected, including their server. Their systems were down for 3 days and only partially working for 3 more days. The costs of system downtime, lost productivity and customer dissatisfaction was in addition to the $28,000 in fees paid to fix the problem. Acme estimated their total cost for this incident was more than $70,000.

There is a Better Way– But Beware!

Acme wanted to find a way for their IT expenses to be stable and predictable. They looked into managed services contracts. They interviewed three companies and entered into an agreement with a provider at what they thought was a reasonable price.

Unfortunately, what they found out was that managed services providers provide two levels of service. In the fine print of their agreement, they discovered they had entered into a network “monitoring” agreement.

Acme’s provider “monitored” their network and provided support up to five hours per month. In the third month of their agreement, after a problem that involved both hardware and a network problem, Acme received an invoice for $18,134 for support above and beyond their “fixed price” agreement.

Beware of the low-priced managed services “monitoring” agreement.

In the following few months, Acme considered hiring two IT employees because they believed it might be less expensive than paying an outside provider. However, they soon realized that their internal solution would be expensive and limited to the knowledge of their two IT employees.

Acme’s CFO attended a webinar about managed services agreements that were truly flat fee, no-surprises agreements. He asked for a proposal and experienced sticker shock when reviewing the proposal. The agreement included everything including hardware replacement for a flat monthly fee – guaranteed.

As he read the proposal, he was shocked to discover that the network assessment done on their IT systems by the professional level managed services provider showed:

• Out of date virus software
• a Trojan horse virus that had given hackers remote access to their accounting system.
• 4 viruses (not yet active) that got into the network by employees copying files from flash drives
• Three network hard drives that were sending alerts about their imminent failure (all at least five years old)
• a cloud-backup solution that had stopped working

If there was any good news, Acme was lucky their system had not (yet) been attacked by ransomware. Ransomware locks and encrypts the company’s data and then demands payment to unlock and decrypt the data.

In the end, after adding up all the costs, lost productivity, risks and likely future issues/costs, Acme found that an all-inclusive, flat fee professional level managed services agreement was far less expensive than any other solution. In addition, it’s a much better solution than relying on the current knowledge of two IT employees with limited knowledge.
Consider your options:

• With “break-fix” agreements, you get low cost, but you take all the risks
• With a “monitoring” agreement, it’s no different than the CHECK ENGINE light on your car’s dashboard
• When you consider:
o the risks, potential downtime, data loss and lost productivity
o along with the assurance that you IT system is always protected and up to date
o AND the peace of mind you’ll have instead of wondering what will go wrong next
a fixed price, no surprises managed services agreement is probably the most cost effective route to go.

If you’re interested in exploring your options, contact us. We would be happy to help.

Natural Disasters and Data Recovery Plans

/in /by

We don’t want to think about possible negative situations when it comes to our lives or our businesses. Planning for disasters means that we’re able to quickly recover from their consequences. In our previous blogs on data disaster recovery, we’ve covered how to plan for disasters and what types of disasters to consider when writing a data recovery plan. In this blog, we’ll take a look at the main points as a refresher.


The key elements of data recovery plans

A good disaster recovery plan will have assigned roles and responsibilities to different team members in advance. Planning ahead should ensure there is no time wasted when a disaster occurs. Having clearly defined roles means that team members can get on with their tasks quickly to mitigate the effects of a disaster.


Another important point is the identification of which assets are critical to operating the business. In a disaster, you need to know which things to protect and sort out first to enable business operations to continue. If someone spends too much time dealing with a puddle on the floor instead of dealing with customer calls, for example, your business could be in turmoil.


Backing up data is a must for every business. You’re on a dangerous path if you don’t have a plan in place for regular data backups. After all, you can’t recover your data after a disaster if you haven’t backed it up. Businesses must also consider whether they need to back up their IT infrastructure using a ‘cold site’ (a basic version of their infrastructure off-premises) or a ‘hot site’ (up-to-date data backups). As you can guess, the more data you back up, the better off you’ll be.


Types of disasters to plan for

It’s difficult to plan for any eventuality; however, there are certain things that all businesses should consider.


Disasters can include technological disasters like:


• Data breaches
• Hacking
• Ransomware

Or natural disasters like:


• Earthquakes
• Tsunamis
• Volcanoes
• Flooding
• Tornados
• Pandemics

The impacts of any of these disasters are huge. Essentially, they can result in a business completely folding. Depending on the type of disaster, there could be all sorts of consequences. For example, the loss of supply chains, loss of assets and buildings, loss of life or personnel, and the loss of data. Since these consequences can be disastrous, it’s important for all businesses, regardless of size, to have contingency plans for disasters.


Planning for disasters

Businesses need to have contingency plans for dealing with disasters of every possible type. Different companies will, of course, have different needs.  However, some things are necessary for all businesses to include in their data recovery strategy plan. These include data, insurance, finances, resources, personnel, technology, compliance requirements, and the supply chain.


Types of disaster data recovery

There are a variety of options when it comes to data recovery. Perhaps the simplest method is backup. Your data is stored on or off-premises, or both for extra safety. However, relying solely on data backup gives minimal protection for businesses. If there is no backup of the IT infrastructure as well, there could be even bigger issues.


An effective data recovery plan needs strategies and procedures for backups. You should know who will perform the backups and how often they will be done. Those responsible for data backups must also work out the business’s recovery time. Calculate the amount of time the organization can be ‘down’ after a disaster and work from there.


The data recovery strategy should be tested and updated continually to protect the business from new threats. In this way, the business will be able to navigate challenges successfully. Planning a response to a cyberattack ahead of time will make sure your team will know what to do.


Final thoughts

Whatever your business and size, the ultimate aim is to ensure you’re well protected and have plans in place for any type of disaster. If you’re struggling to finalize your plans or even start writing one, get in touch with us for a free consultation.

Do You Have A Data Recovery Plan?

/in /by

You might be aware that disasters of varying types can have devastating consequences on businesses. The key to mitigating such occurrences is to have a data recovery strategy plan in place. This means that you have a structured and documented approach detailing how your organization can resume work quickly after an unforeseen disaster. This is an essential tool for your company’s continuity plan and applies to all parts of the organization that is dependent on your IT infrastructure. This data recovery plan will help you resolve any data loss and will allow the recovery of your system’s functionality. This means that you can continue operating your business with minimal disruption.

Types of Disasters to consider

Potential disasters are plentiful. We’re not just talking about hacking and data breaches, but natural disasters too. Being able to handle disasters efficiently means there will be minimal impact financially. Having a data recovery strategy plan will allow you to ensure that all requirements for compliance are met. The plan will also provide a clear recovery roadmap. Here are some of the potential disasters that might affect your businesses:

• Building disaster (Fire, power outage, etc.)

• Communication failure (Due to data breach, hacking or natural disaster)

• Application failure (Outdated hardware, viruses, etc.)

• Datacenter disaster (Hacking, data breach, natural disaster)

• City disaster (Earthquake, tornado, flood, etc.)

• Regional disaster (Power grid outage, wildfires, etc.)

• National disaster (Epidemic)

• Multinational disaster (Pandemic, computer viruses, ransomware)

You can see that this list covers lots of different types of disasters. It’s worth noting, however, that it’s not exhaustive. When making data recovery strategy plans, businesses need to consider their potential individual circumstances. If you’re based in the Midwest, for example, it’s very unlikely that your business will be affected by a volcanic eruption. But there are other natural disasters like floods or tornados that are more likely to happen. With that said, the 2010 Iceland volcanic eruption had repercussions worldwide, so you never know!

Considerations for your Data Recovery Plan

A data recovery strategy plan should begin at the business level. You need to determine what infrastructure is most important to your organization. The plan should implement an RTO (a recovery time objective), which describes how much time each application could be down for as a target.

A data recovery strategy defines your business’s plan for incident response. To determine your optimal data recovery strategy, you must consider the following issues:

• Resources (both facilities and personnel)

• Finances

• Insurance

• Data

• Technology

• Risks

• Compliance requirements

• The supply chain

How to write a Data Recovery Strategy Plan

A business can start its plan by prioritizing a list of contacts and vital software programs so that the most important information is easily and quickly accessible.

The data recovery plan should define each team member’s role and responsibilities in the recovery process. This is so there is no panic or time wasted should an unexpected disaster occur.

There are many important points to write into a data recovery plan. These include:

• A policy statement or statement of intent.

• Specific tasks assigned to staff.

• Goals of the plan.

• Passwords and other authentication tools essential to data recovery.

• Geographical factors and risks appropriate to the local, regional or national area.

• Advice on dealing with the media.

• Legal and financial information with points of action.

A history of the plan – and any amendments that have been made to it.

As you can see, being prepared for these events is not difficult, but it will take some time. It is, however, very important that you take the time to complete it. You should also run through the plan in a mock rehearsal. That way you’ll find out if you’ve missed any steps or if there are gaps in your plan.

The bottom line is, you want to be as prepared as possible for any disaster that causes data loss. After all, keeping your doors open when other’s can’t sure makes you the popular choice over your competitors.

If you need advice or want help to build your data recovery strategy plan, don’t hesitate to contact us. You can book a consultation at any time.