Posts

Why a business continuity plan is essential

What can an ostrich teach you about business continuity? As it turns out, a lot.

In their book, “The Ostrich Paradox: Why We Underprepare for Disasters,” authors Howard Kunreuther and Robert Meyer make the case that ostriches get a bum rap. The classic image of the big bird with his head in the sand gives the impression that ostriches deal with risk by ignoring it.

In reality, ostriches do a pretty good job of mitigating risk. They can’t fly, but they can run at amazing speeds. They can also kick hard enough to kill a lion.

The trick to disaster preparation is to approach it like an ostrich. Know where you’re susceptible to loss and counter those potential weaknesses with a solid plan.

Heads in the Sand

Three out of four small businesses have no disaster recovery plan at all. Unpleasant though it is, think about that for a moment.

There are innumerable things that can go wrong. Natural disasters are both unpredictable and potentially catastrophic. Fire can raze a building to the ground. Viruses can bring networks to their knees. A data breach can expose your entire system.

Disaster comes in all shapes and forms. No business is immune, regardless of size, legacy or location. And a lack of preparation can be devastating.

The High Cost of Downtime

Of the organizations without a business continuity plan, 90% permanently close their doors within one year of a disaster.

The real killer here is downtime. Consider what it would cost if your business grinds to a halt. Just one day of downtime could leave you reeling for weeks, throwing off profitability and productivity for the entire organization. By one estimate, downtime costs small businesses up to $8,600 per hour.

Unfortunately, that’s just one aspect of the cost. Downtime also impacts employee satisfaction, which in turn impacts productivity. And then there’s your reputation to consider. How will your customers feel about you if given the impression that you aren’t reliable?

Business Continuity in Action

By contrast, organizations with robust business continuity plans stand out when others struggle. That’s because a business continuity plan allows you to bounce back, whatever the nature of the disaster. It’s a failsafe you hope you never have to use, but one that can literally save your business.

There are three advantages that come with a business continuity plan.

First, you’re protected against the losses associated with downtime. For example, employees can log in remotely, able to work even if your office isn’t accessible. Automated tasks continue to perform. Your customers aren’t left in a lurch, suddenly without your services. Instead, you’re able to continue doing business, even in the midst of a genuine crisis.

Second, your data is safe. Any solid business continuity plan will include some form of backup and recovery option. That means even if every hard drive in your office simultaneously stops working, you don’t lose a single spreadsheet.

Finally, you get the intangible (but powerful) benefit of peace of mind. You won’t have to worry about worst case scenarios. Rather, you’ll know that even if disaster hits, you’re ready for it.

Creating Your Business Continuity Plan

Developing the kind of business continuity plan that provides real protection takes some know-how. This isn’t one of those times a do-it-yourself approach will suffice. You want someone with serious credentials to walk you through the process, ensuring every base is covered.

CCS Technology knows disaster recovery. We’ll take the time to understand how your business functions. From there, we’ll put together a plan that takes into account every kind of contingency. Should the unthinkable happen, you’ll be in the best possible position: prepared.

Maybe it’s time to put together a business continuity plan for your organization. If so, we’re here to help.

 

Closing the most common cybersecurity holes

Are you sitting down? We’re going to begin with an alarming stat.

Half of all small-to-medium-sized businesses have encountered at least one cyber attack. Wait. It gets worse. In cases involving theft of data, SMBs spent an average of over $955,000 to recover from the attack. Even for businesses that do post profits in the millions, nobody wants to drop that kind of money on a cyber attack.

There’s a host of things you can do to protect your business from cyber criminals, but one of the most important security measures is easy to overlook. A staggering number of cyber attacks start by targeting one specific weak point: your employees.

The average user may not be aware of the creative, devious ways hackers work. To give your business an instant cybersecurity boost, start by educating your people.

If you’re wondering what your staff needs to know, you’ve come to the right place. Below, you’ll find several critical tips and tricks any SMB can put into play immediately. While a cybersecurity training session may not be the most exciting way to spend an hour, the stakes are high and the information is priceless.

Be (a little) Paranoid

First, tell your people, candidly, to ditch the “it won’t happen to me” attitude. Even tech savvy folks get duped from time to time. In the ever-changing world of cyber crime, there’s no room for arrogance. A little paranoia is appropriate.

Alert aware iconIn general, assume there are people outside your organization who want your data. Assume they want access to your network. Assume they’ll go to impressively creative measures to get it.

That doesn’t mean you have to avoid the internet at all costs. Email, web services and remote access are all necessary tools. You can’t take take your business back to the Stone Age and still be successful.

Instead, shoot for balance. Make sure your employees know the same time-saving, profit-generating technology they use every day can be turned against them. Cultivate an awareness of the possibility of cyber attack.

Security is a shared burden. Everyone on the team needs to pitch in.

“123456”

If you want to see an IT guy cringe, tell him you use one password for everything, and it’s “123456.” When he’s done convulsing, he’ll most likely launch into a tirade about password security (and justifiably so!).

Tech news sites routinely warn of the dangers of using “123456” and “password” for web services, but both of those examples still show up on lists of the most commonly used weak passwords.

Hidden predictable password

What makes for a better password? Several things:

  • Passwords should be long. The generally agreed upon minimum length is 12 characters. The shorter the password, the easier it is to crack.
  • Passwords should be unique. Don’t use the same password for multiple services. If you do, one security breach can easily turn into dozens of security breaches.
  • Passwords should be complex. Include numbers, letters, and symbols. Steer clear of dictionary words as much as possible. And, no, obvious substitutions (like using a zero in place of an “o”) don’t do nearly as much to discourage hackers as one would hope.

Of course, passwords also have to be memorable, which is one reason why so many employees use low security passwords. To get around that issue, consider using a password manager. LastPass, for example, makes it a breeze to up your password game.

Stranger Danger!

Email SecurityEmail is a prime point of entry for malware, phishing and ransomware attacks. Seemingly legit downloads and links can lead to epic cybersecurity breaches. Even if your email server scans inbound messages for dangerous content, don’t make the mistake of assuming every clickable option is safe.

Warn your employees to only download files from people and companies they know and trust. Also make them aware of the hazard of links. Cyber criminals capitalize on curiosity to worm their way into networks. No matter how interesting the article, or how cute the kitten pictures, strongly encourage your staff to never click on email links from unknown senders.

Other Tips

Consider the above the big three. If you only have a few minutes with your employees, those are the tips you should share first. If you can carve out a bit more time, here are some other areas worth covering.

  • Updates Are Your Friends. Way too many people ignore update notifications. Even if you’re right in the middle of a flow, churning out work, when your software or operating system requests permission to apply an update, do it. Keeping your tools updated is a basic rule of cybersecurity.
  • It’s Good to Share. In this case, we’re talking about sharing to a local server or the cloud – AKA, backing up your work. Never rely on a single version of any file. All your data should be duplicated somewhere secure.
  • Lock It Down. When an employee walks away from their workstation, they should always lock it. Not only will that protect staff from . . . interesting aesthetic changes applied by coworkers (think David Hasselhoff desktop wallpaper), but it also adds an additional layer of security. Lock computers when not in use, especially if guests are frequent in your office.
  • Know Your Network. When you’re mobile, be careful about the Wi-Fi networks you use. Public networks are convenient, but not always safe. Be discerning. And never use an open, unknown network. That’s just asking for trouble.

Go over these cybersecurity tips with your employees, not just once, but repeatedly. Bad cybersecurity habits are hard to break. Frequent reminders will help you close some of the most common holes in your network security, helping to stave off costly attacks.

If you’d like even more help shoring up your cybersecurity, the expert team at CCS Technology can help. We know what it takes to protect businesses. To find out more about how we can help, contact us today.

 

Why a business continuity plan is essential

What can an ostrich teach you about business continuity? As it turns out, a lot.

In their book, “The Ostrich Paradox: Why We Underprepare for Disasters,” authors Howard Kunreuther and Robert Meyer make the case that ostriches get a bum rap. The classic image of the big bird with his head in the sand gives the impression that ostriches deal with risk by ignoring it.

In reality, ostriches do a pretty good job of mitigating risk. They can’t fly, but they can run at amazing speeds. They can also kick hard enough to kill a lion.

The trick to disaster preparation is to approach it like an ostrich. Know where you’re susceptible to loss and counter those potential weaknesses with a solid plan.

Heads in the Sand

Three out of four small businesses have no disaster recovery plan at all. Unpleasant though it is, think about that for a moment.

There are innumerable things that can go wrong. Natural disasters are both unpredictable and potentially catastrophic. Fire can raze a building to the ground. Viruses can bring networks to their knees. A data breach can expose your entire system.

Disaster comes in all shapes and forms. No business is immune, regardless of size, legacy or location. And a lack of preparation can be devastating.

The High Cost of Downtime

Of the organizations without a business continuity plan, 90% permanently close their doors within one year of a disaster.

— Small Business Trends

The real killer here is downtime. Consider what it would cost if your business grinds to a halt. Just one day of downtime could leave you reeling for weeks, throwing off profitability and productivity for the entire organization. By one estimate, downtime costs small businesses up to $8,600 per hour.

— Aberdeen Essentials

Unfortunately, that’s just one aspect of the cost. Downtime also impacts employee satisfaction, which in turn impacts productivity. And then there’s your reputation to consider. How will your customers feel about you if given the impression that you aren’t reliable?

Business Continuity in Action

By contrast, organizations with robust business continuity plans stand out when others struggle. That’s because a business continuity plan allows you to bounce back, whatever the nature of the disaster. It’s a failsafe you hope you never have to use, but one that can literally save your business.

There are three advantages that come with a business continuity plan.

First, you’re protected against the losses associated with downtime. For example, employees can log in remotely, able to work even if your office isn’t accessible. Automated tasks continue to perform. Your customers aren’t left in a lurch, suddenly without your services. Instead, you’re able to continue doing business, even in the midst of a genuine crisis.

Second, your data is safe. Any solid business continuity plan will include some form of backup and recovery option. That means even if every hard drive in your office simultaneously stops working, you don’t lose a single spreadsheet.

Finally, you get the intangible (but powerful) benefit of peace of mind. You won’t have to worry about worst case scenarios. Rather, you’ll know that even if disaster hits, you’re ready for it.

Creating Your Business Continuity Plan

Developing the kind of business continuity plan that provides real protection takes some know-how. This isn’t one of those times a do-it-yourself approach will suffice. You want someone with serious credentials to walk you through the process, ensuring every base is covered.

CCS Technology knows disaster recovery. We’ll take the time to understand how your business functions. From there, we’ll put together a plan that takes into account every kind of contingency. Should the unthinkable happen, you’ll be in the best possible position: prepared.

Maybe it’s time to put together a business continuity plan for your organization. If so, we’re here to help.

 

5 disaster recovery tips from aboard the Battlestar Galactica

In the year 2003, SCI FI Channel (now Syfy) aired a successful mini-series remake of the 1978 series, Battlestar Galactica, which launched the 2004 Battlestar Galactica series. In the plot of the mini-series, we have perhaps the most potent argument for a disaster recovery plan of any single piece of entertainment media.

A quick refresher: The beginning of Battlestar Galactica (2003) sees humanity at the height of culture and on the cusp of a digital revolution. The Twelve Colonies are comfortable and they are progressing. To top it off, humans have enjoyed a 40-year armistice with their sworn enemy, the Cylons.

The Cylons are a cybernetic race of soldiers and workers who had rebelled against humanity during a 12-year war and then disappeared into space.

During the mini-series, the Cylons return to rain down unholy hell on the Twelve Colonies, effectively destroying most of humanity via nuclear assault and…cyber warfare.

Meanwhile, Captain William Adama prepares to decommission his storied ship, the battlestar Galactica, which will soon be transformed into a museum.

So what does Battlestar Galactica have to do with your business network? Everything. The Cylons are able to destroy the Twelve Colonies by exploiting the exact same weaknesses that hackers use to destroy businesses every day.

Let’s take a look at what the Cylons did, and how Captain William Adama of the Battlestar Galactica is able to rescue humanity with the help of a disaster recovery plan.

The Nefarious Plan of Cylons and Cyber Attacks

In order to destroy the Twelve Colonies, the Cylons attack on two fronts. First, they make a physical attack with calculated nuclear strikes. Second, they carry out a catastrophic malware attack which renders nearly the entire military of the Twelve Colonies useless.

The Cylons carry out their cyber attack by seducing a human (literally, with a sexy spy model indistinguishable from humans) and using his credentials to access the military network. Then, they upload malware to the network that shuts down most of the battlestars, smaller ships, and other military units, and even drives them to attack and destroy one another.

The digital warfare perpetrated by the Cylons is nothing short of brilliant, and it is cataclysmic to the human race. In a short time, most of the human race is destroyed.

Cyber attacks on your business work the same way. For instance, malware will attack your network by either recognizing weaknesses in your digital infrastructure or by hiding in attached documents. With a few catchy subject lines, hackers are able to “seduce” your own employees into downloading dangerous material.

Even as vicious cyber attacks have become commonplace, end user education still falls behind the techniques of cyber criminals. Human error and insider threats remain a particular weak spot in the world of cybersecurity.

In one report that compiled 20 years of data, ITIC found that human error is the cause of 70% of data center incidents.

Whether it’s a sudden influx of downtime costing $100,000 per hour, or a major data loss incident racking up more than $18,000 for only 100 records, the financial losses can be as devastating as a Cylon attack. In fact, that type of loss can be outright fatal after experiencing a significant data loss incident.

So how did Battlestar Galactica continue for 75 episodes after the Cylons wiped out most of humanity?

Battlestar Galactica, Humanity’s Backup Plan

Commander William Adama was a man of extreme practicality, which some might say bordered on paranoia. As commander of the Battlestar Galactica, he insisted that the ship remain disconnected from the military network and prohibited any upgrades to digital interfaces. While the rest of the world became increasingly more connected, the Galactica was completely self-sufficient.

Adama’s disdain for the digital was more than an inability to adapt to evolving times – he in fact had his reasons. Adama knew that the Cylons had every tactical and strategic advantage in a digital world. They were created to out-process and out-think humans. He specifically kept his ship offline because he wanted to be able to maintain command if the central network was compromised. Boy, was he right on the money.

At the time of the Cylon’s attack on the Twelve Colonies, the battlestar Galactica was hosting an eclectic mix of military personnel and civilians to cover the ship’s decommissioning. Those aboard the ship went on to consist of most of humanity’s survivors.

For most of the remainder of the show, Adama must outthink the Cylons, flee their ranks, and ascertain the identities of the near-human Cylons that seek to infiltrate his ranks.

It is estimated that around 50,000 people lived aboard the ship at the beginning of Adama’s command of the survivors. By maintaining a command that was isolated from the main network, Adama is able to preserve humanity.

Backup and disaster recovery is an essential element of maintaining the longevity of your business. Just as Adama’s analog ship is able to maintain humanity, you should always back up your network in different places, both on your network and off your network.

In addition to Adama’s triumph for humanity’s future existence, the command structures are able to create a new government to guide the survivors beyond Adama’s military lead.

You should also have a disaster recovery plan, including a chain of command that ensures immediate response and establishes near-term operations and communication.

If you’re making a checklist, add a few of these things that we’ve learned from Battlestar Galactica:

  1. Back up your data
  2. Implement cybersecurity solutions
  3. Prepare and execute a Disaster Recovery Plan
  4. Don’t trust strange emails and attachments
  5. Trust the professionals

“So say we all.”

There are many other ways that Battlestar Galactica shows us what to do in the event of a disaster. We’d love to talk to you about them when you call us or send us a message.

You can also couple this article with our recent Star Wars Weapons Can Help You Find the Best Backup and Restore Plan for Your Business and The Top 5 Reasons to Prepare Your Business Continuity Plan.

Star Wars weapons can help you find the best backup and restore plan for your business

You can create the best cybersecurity, cloud, and help desk solutions, but in the event that a disaster strikes your business, none of that will matter if you are not operational. Estimates of the cost of downtime range from $8,600 for small businesses to $100,000 for larger businesses. To avoid these astronomical costs, many businesses turn to an alternate site to backup and restore business operations.

Smooth operation of your business depends on a consistently reliable physical location for your employees and your equipment. To understand the three primary forms of backup sites – cold, hot, and warm – we’re going to examine three of the famous weapons from The Star Wars Saga.

Wondering what weapons have to do with a backup site? Allow me to explain.

Here’s the scenario:

You are a young Jedi Padawan during the Clone Wars. Your name is (First Name=take your real first name and add a hyphen somewhere at random, Last Name=the first syllable in your mom’s maiden name), and you have been on the trail of bounty hunter Cyb Rattack on the planet Datalos. Unfortunately, you have lost your lightsaber. What’s a Jedi to do?

The Blaster: the Cold Site Weapon

If you’re going to have any chance of stopping your enemy, you’re going to need a new weapon. If you’re limited on funds, you’ll probably want to opt for a good old-fashioned blaster.

A blaster is nothing like the graceful lightsaber, but at the very bare minimum it will get the job done. With a few extra credits and some elbow grease, it can easily be modified to meet your specific needs.

This is the same concept as a cold recovery site. If your office is hit with a disaster, you can choose a cold site to get back to business, but this is definitely the bare bones approach.

A cold site will most likely have only space, power, and utilities. You’re starting from scratch here. A cold site, like a blaster, is perfect for those who need something affordable that will do the trick – albeit sans all bells, whistles.

The Lightsaber: the Hot Site Weapon

When Anakin Skywalker loses a lightsaber, he doesn’t settle for a blaster pistol, he immediately finds or procures a brand new lightsaber. In fact, most young Jedi have to construct their own lightsabers as a ritualistic rite of passage.

The Lightsaber is not a cheap weapon. The construction of this beautiful laser sword requires a lot of effort, and even on the open market, it will cost quite a bit. If you have the credits and the time, it is the number-one best option for your next weapon. The same goes for a hot recovery site.

When you opt for a hot recovery site, you are getting all of the top-notch recovery services available. Your recovery site will be specifically designed to mirror the infrastructure of your original business, allowing for a seamless transition and eliminating expensive downtime.

The hot site will already have all of your data transferred, and will require no time delay in resuming network functions.

The hot recovery site, while the most costly of options, is the closest you will get to operating out of your original business location. This may not be a viable option for all businesses, but it is definitely the premium option, and best when seamless restoration is a necessity.

The Vibrosword: the Warm Site Weapon

If you’ve seen the newest Star Wars movie, The Last Jedi, you’ve seen the red-clad Praetorian Guard fight a wicked battle using vibroswords. These weapons, which utilize an electrically charged blade, are the only swords that can stand up against a lightsaber.

If you happen to have a decent amount of credits, but not enough for the real thing, you could purchase a vibrosword. This weapon is capable of superior movement, though it will involve less grace than a lightsaber and more of the chaos of nature. It is a perfect hybrid of the minimalism of a blaster and the power of a lightsaber.

You were most comfortable with a lightsaber, and it will take some effort getting to know your new weapon.

A warm recovery site is very similar. With this option, you’ll find an internet connection and available servers for network transfer, but there will be a brief delay while you move over network functions. Where the cold site was basically an empty room, the warm site will often include workspaces for key staff who may be displaced.

The warm recovery site won’t break the bank and you’ll end up getting more functionality, response and productivity with your space.

Use the Force

Unfortunately, backup and data recovery is something 3 of 4 businesses aren’t planning for.

Becoming familiar with the available weapons in your backup recovery arsenal will help you choose the best option for your business when the time comes.

Please give us a call or send us a message and we’ll share some more information about how a backup site would work for your business.

You’re also invited to check out our recent whitepaper on the best business continuity plans. We’re happy to help, no strings attached.

The top 5 reasons to prepare your business continuity plan

The last thing you want is to go out of business in the event of an unforeseen circumstance. A business continuity plan is essential for modern businesses in any industry. Regardless of what kind of technology you use, think of this plan as a blueprint for keeping your business running in the event of a major disaster.

Disasters come in many forms, including natural disasters, human error, cyber attacks, and insider threats. The worst disasters always have the same effect: stopping your business dead in its tracks.

Sometimes, it’s hard to really conceptualize the importance of a continuity plan without looking at what happens if you don’t have one.

Take, for instance, the Great Chicago Fire of 1871. Urban legend has it that the conflagration started when Mrs. O’Leary’s cow kicked over a lantern in the family barn. The fire’s origin is debatable. The aftermath, however, is well documented and devastating by any standards.

The Great Chicago fire completely destroyed 3.2 miles in the heart of Chicago, rapidly consuming homes and businesses. The inferno resulted in the death of 300 citizens, the destruction of 17,500 buildings, Of the 300,000 residents of Chicago, 100,000 were left homeless.

The 185 firefighters employed within Chicago were ill-equipped to handle the ferocious spread of the fire, which was attributed to a drought as well as the mostly wooden construction of the city’s buildings, roads, and sidewalks.The total cost of the fire was estimated at $222 million, or roughly $4.6 billion today.

When a disaster this large happens, the only way for a business to survive is to have an understanding of what needs to be protected, how you want to respond, and which practices to follow to continue operations. Here are the 5 most important things to focus on when putting together a continuity plan.

1. Minimizing Downtime

The primary reason for a business continuity plan is to eliminate downtime. 75% of businesses don’t have any sort of business continuity plan or disaster recovery plan. Skipping out on a continuity plan is not only reckless, but extremely expensive.

ITIC’s latest survey data finds that 98% of organizations say a single hour of downtime costs over $100,000.Those aren’t numbers to be ignored. Whether you suffer a natural disaster or a cyber attack, the only way to stay in business is to continue your work as soon as possible. Otherwise, you may very well go out of business.

2. Protecting What’s Important

A business continuity plan should detail the necessary components and data that will keep your business running. This involves inventory of backup devices and cloud services, as well as an outline of your data backup specifics (when and where) and an overview of how company assets will be handled when disaster strikes.

3. Communicating with Confidence

One of the primary benefits of creating a business continuity plan is to establish a state of order amid the chaos. Your plan should focus on a chain-of-command delegation of responsibility, and should include reliable communication channels prioritized for contacting employees, partners and customers to minimize breakdowns in collaboration and service.

4. Resuming Operations

The goal of any business continuity plan is to get you back in business as soon as possible. Many companies have taken the extra precaution of utilizing backup and recovery sites. These are off-campus facilities where your business can be relocated to continue operations regardless of any damage or limited access you may experience.

These sites run the gamut from “cold sites”, which are bare-boned facilities without any installed operations, to “hot sites”, which are exact duplicates of your current operations.

5. Ensuring Your Recovery

A recent report finds that 60% of small businesses close within 6 months of a significant cyber attack. But this doesn’t have to be you. Implementing a business continuity plan to your current backup and data recovery solutions will allow you the peace of mind that even if disaster strikes, you don’t have to become a statistic.

We Are Here to Help

CCS Technology Group would be happy to help your business create a specific business continuity plan. We have proven experience developing solutions that will keep you in business no matter what outside forces may arrive.

It’s important to plan ahead. It might just save your business.

Give us a call or send us a message to learn more.