In our digital age, gathering information online is anything but difficult. It is imperative for both to keep information from landing in the wrong hands. Read on to learn about the crucial need to keep data safe, the threats to data privacy, and what to do about it.
The Importance of Data Privacy
A basic definition of data privacy is keeping confidential data confidential online and on computer systems. Privacy of information applies to collected personal information including medical and financial records, customer payment data, and customer data obtained from websites. Medical and financial data especially are subject to stringent regulations on access and security, and many companies indicate on their website how they use customers’ data in the course of business (if they don’t, they should). Personally identifiable data can be kept safe through encryption, and multi-factor authentication–for example, a password and at least one security question.
Awareness of Threats to Your Data
Ideally, basic measures to keep data private would be enough. But both existing and new threats continue to increase. For example, in recent years automated calls (“robocalls”) have proliferated, increasing more than tenfold in the last few years. Of the three to five billion robocalls each month, at least 40% are thought to be fraudulent. And phone calls are just one way bad actors attempt to steal your data. Phishing schemes via text or email can also be a way to get unsuspecting recipients to give up personal data that can be used for fraud or even penetrating company computer systems with malware. According to CompTIA, phishing scams account for more than 80% of security incidents, and users are often the “weak link” that allow the attacks to happen.
How to Protect Your Data
Even with threats escalating, you can protect your company’s data, customers and reputation. The FCC has recently addressed robocalls with STIR/SHAKEN, a technology framework designed to reduce fraudulent robocalls including ones using “spoofing” to mimic a legitimate phone number. Fraudulent calls will be designated as “potential spam,” which helps keep recipients from being tricked into giving up personal information. Along with STIR/SHAKEN, making your staff aware of phishing emails and texts can keep them and your business from possibly giving fraudsters valuable information. Phishing emails can often appear as urgent requests for help or information, or threaten consequences if the recipient doesn’t act. These emails should be reported, and then deleted, to remove the danger of clicking a dangerous link and introducing malware into your computer system.
While threats continue to grow, there are ways to protect your business. For help in protecting your confidential data, contact us today.
Data breaches have become so common that they are no longer news. Gartner predicts, “as more companies look to benefit from data, there will be an inevitable increase in data use and sharing missteps.” However, organizations that have a culture of ethics for data use will be better prepared to avoid such mistakes, and to handle them well if they do occur. Read on to learn how your company can have not just a data protection plan, but a culture that revolves around protecting the personal data of your customers.
Protecting Your Business and Your Customer’s Data
In spite of the occurrence of data breaches, your company can be protected. If you haven’t already done so, you might draw up a data-protection plan that will address what to do in case of a breach. Ideally your organization will already have technology in place to prevent data breaches–tools such as updated antivirus and anti-malware definitions and network monitoring, for instance. Hopefully, there is also a culture of ethics around use of customer information, including transparency with customers about what is done to protect their personal data.
Countries and entire regions, such as Australia and Europe, have put legislation into effect to protect customers. Europe’s GDPR mandates a notification within 72 hours of a data breach. Australia’s Consumer Data Right gives its citizens the right to delete information that is no longer needed, as well as stopping data collection at any time While the U.S. has no nationwide law, individual states have their own regulations. For example, California gives their residents certain rights under the California Consumer Privacy Act, such as the right to opt out of having their data sold. The CCPA also sets forth steep monetary penalties for failing to protect customer information. Businesses are required, among other things, to have a conspicuous link for customers to click in order to opt out of having their personal information used. Regulations may vary, but their intent–the protection of data–is similar.
Using Legislation as a Data Protection Template
Even in areas without this legislation yet in place, businesses can develop a robust plan based on such standards. Topics to address in this plan can include what your company will do in the event of a data breach, and whether data will be shared with third-party vendors. One task for companies is to inventory their vendors; smaller vendors might not have rigorous rules for handling data.
To protect your company from the consequences of a data breach is vital. To develop a plan for protecting your customers’ data, or to fine-tune one you already have, contact us today.
Hurricane Dorian is just one event that can potentially affect a business’s access to its data and reemphasizes the importance of having a data protection plan in place. Other events can have the same effect—cyclones, earthquakes, and hurricanes–suspending business operations for days or weeks. Even a brief power outage can put your company at risk, not to mention the threat of cyberattacks. Read on to learn more about keeping your business’ data safe and accessible.
Reasons to Safeguard Your Data
Data can be considered the lifeblood of your business, enabling transactions as well as access to customer or patient records, and containing a company’s intellectual property. Loss or compromise due to corruption by malware and viruses, or even a brief outage, can result in costly downtime. Not only that, a company can suffer a loss of revenue and even reputation. If subject to industry regulations, a business can incur fines for revealing personal information. These consequences can be prevented with a solid data protection strategy.
Assess Data Protection Needs to Develop Your Plan
A data protection strategy starts with assessing your business’ needs. Consider first which data and applications are mission-critical for keeping the business running—for example, phone communications, Internet, and email. Depending on your business type you may need to comply with certain regulations—HIPAA, for example. Consider natural hazards common to your area, and whether you want your data to reside on-premises, or in a cloud data center. With your data in the cloud, it can be accessed remotely and without interruption. If using the cloud, decide which environment is best, whether public or private.
Test Your Plan and Involve Your Staff
Once your data protection plan is in place, test it regularly to make sure it works. An added benefit is that a test can show any gaps or potential problems, giving you a chance to correct them. It can serve as a good “dry run” for a real disaster. Educate your employees about what practices to follow to protect company data, including how to recognize and report phishing attempts.
While data protection incorporates numerous practices and procedures, its bottom-line purpose is preserving your company’s revenue and reputation. For help developing your data-protection plan, contact your trusted technology advisor today.
In the last week, two earthquakes have shaken southern California, alerting us to the need to have our businesses prepared for a disaster, whether natural or manmade. Not only can fires, floods and earthquakes cause business interruptions, but so can systems failures, human error, malware and ransomware attacks. It’s never too soon to evaluate what needs to be done to prepare your business for a disaster. And a disaster doesn’t have to be large-scale; a power outage of an hour or two can be enough to stall business operations. Read on to learn about the most important things to do before an emergency
Make Data Protection a Key Part of Business Continuity
Data is the lifeblood of many businesses, its loss or compromise affecting their ability to do business. Data is needed for transactions and communications, among other functions, and even a short period of downtime can have a potentially disastrous impact on revenue and reputation. When considering the data protection aspect of your business continuity plan, focus on your mission-critical data and applications. What do you need in order to stay in business during a disaster, or recover afterward? Perhaps it’s customer records, or an in-house research database. Be sure to get mission-critical data backed up first, so your business can continue operating. Make sure there is failover—when one network backbone falters, another picks up the slack.
Different Methods Can Achieve the Same Goal
While the ultimate goal is to remain in business without compromise of revenue or reputation, different methods exist to realize this goal. However, one common thread is the idea of storing data offsite, in the cloud or in geographically diverse data centers. Throughout the working day, “snapshots” can be taken of business activity, and copies placed in these data centers, which adds an extra layer of security. Software-defined wide area networks (SD-WAN) are another good option, with multiple carriers providing redundancy and reliability. Finally, storing data in the cloud can help you access it in case you can’t get physical access to your office. Many tools exist for helping minimize the impact of a disaster.
Instead of waiting for a disaster to slow or stop your business operations, learn how protecting your data can keep your business running during and after a disaster. To evaluate your preparedness and make strides toward business continuity, contact your technology advisor today.
Cyber attacks and data breaches are regularly in the news, and often come with a loss or exposure of customers’ data and a loss of reputation to the business. Large, well-known businesses are often in the headlines; small to medium-size businesses, however, are just as much at risk. Knowledge of cybersecurity practices has yet to keep up with new threats. According to CompTIA’s 2018 Trends in Cybersecurity report, “Businesses with fewer than 100 employees are far more likely than their larger counterparts to feel that their IT security is simply adequate or unsatisfactory. Without a deep resource pool to lean on, smaller firms struggle to address new facets of IT security.” To learn more about protecting your data, read on.
The Importance of Data Protection
When a cyberattack occurs, customer data can be either lost or get in the hands of cybercriminals. As a result, customers can lose trust in your company to keep their data safe, data that is generated through online interactions with your company. How do you protect this data, your relationships with your customers, and your company’s bottom line? Your business may also be subject to regulatory compliance, such as following GDRP, HIPAA or PCI-DDS. As ever, it’s important to keep antivirus and anti-malware definitions up to date and to monitor your network. Backing up data in the Cloud is also an option to consider. But just as important is to develop a culture of cybersecurity in your organization.
Develop a Culture of Cybersecurity
Managers and CEOs can set the tone for a culture of cybersecurity by emphasizing the benefits of data protection. Not only does it keep customers safe, it can keep employees safe, too. Educate your employees about every individual being an end-user, both at work and outside of work. Remind them of the importance of protecting their own data on social media, and how it’s easier to prevent a breach than repair the effects of one. The same goes in the workplace. Data protection can help keep the business running and keep employees working effectively without experiencing downtime.
Training employees doesn’t have to be a one-time event, nor does it have to be dull. Inventive executives can create incentives and rewards, such as the confidence that they are protecting the company and themselves or giving a prize to the first person to accurately recognize a phishing attempt.
Assess Your Current State of Security
A good place to start is to assess your current level of data security; an audit of your computing resources will help you know where you stand. Contact your technology advisor today to start on the road to data security.
With technology growing by leaps and bounds, and regulations assigned to protect the data generated by this technology, you need a business continuity and disaster recovery plan in place to determine how that data is collected, protected, analyzed and stored. Read on to find out how to protect your company from data loss and its consequences.
Why You Should Care About Data Protecting Your Data
According to COMPTIA, data protection will be a key trend in 2018 and beyond. Businesses will continue to generate large amounts of data; for some companies, regulations such as PCI, GDPR and HIPAA require protection of data and plans for business continuity in the face of potential data loss. Even without the need for compliance to regulations, businesses need access to their data even in the event of a natural disaster or a cyberattack.
How Much Downtime Can you Afford?
The average cost of downtime is $5,600 per minute. Not only that, but if your business is inaccessible during a flood, fire or other disaster, or simply a power outage, customers can lose confidence in the product or service you provide. Even more serious is the prospect of confidential data being lost or exposed. Having a plan in place can make the difference in whether your business stays in business.
What to Include in Your Plan
How much data can you afford to lose, and how long can you be without it? The best plan provides for storage and restoration of data during and after a disaster. How long can your systems be down before it affects profitability? How will you restore data that is lost? A robust plan is one that enables your company to retrieve lost data as quickly as possible. Data can be stored on-premise on a server, or in the cloud, or a combination of both. Once you have a plan in place, test it to make sure it works, and verify it periodically to make sure all your data is accessible.
Having a plan for business continuity can keep your business in business during a disaster and afterward. If you do not yet have a plan, or if you’re not sure the plan you do have is optimal, contact your trusted technology advisor today.
Data security needs to operate on more than one front. Not only does your network need to keep data secure, it needs to respond to threats both inside and outside the business. There are numerous protections, including current anti-malware and anti-virus software and operating system patches, to keep your network stable and secure. Read on to find out how operating system patch policy can be part of your data-protection plan.
The Role of Operating System Patches
Operating system patches are updates that help maintain the stability and security of your network. These updates come out on a regular basis and are needed to keep systems working. Typically, operating system patches are frequently available, although older operating systems past end of life may no longer have patches. Windows 7 and Windows server 2008 are next up for end of life in January of 2020. Some are vital to your mission-critical systems and must be accessed immediately, while others may pertain to less-vulnerable systems, and can be postponed.
How a Service-Level Agreement Can Help Protect Your Data
Instead of trying to choose which operating system patches need to be installed now, let your managed service provider take over. Draw up a service level agreement that specifies what services the managed service provider can take care of, including backup, data recovery, network security updates, and operating system patches. Keeping your systems—including operating system patches—current helps protect your data and prevent downtime. The MSP can detect and resolve many problems remotely, outside of business hours. Problems can be solved before they result in downtime for your business, and a reputable IT business can help to prevent a potentially expensive problem before it even starts.
Your network is only as strong as its most vulnerable point. Talk to your technology advisor today about how a service plan, including current operating system patches, can help keep your business running smoothly.
Many companies start their budget this time of year. As you are thinking about strategic investments, consider how you can leverage technology to improve customer service, make your employees more productive, and possibly save money. Here are a few considerations for next year’s technology budget.
Your network is the backbone of your technology infrastructure. Growing demand for high bandwidth activities including Communications and Collaboration, Call Center and Cloud Backup all require a bullet-proof network. What’s more, a number of advancements in Software Defined Wide Area Networking (SD-WAN) could save you a bundle. Consider having a network assessment or Telecom Expense Audit to see if you can save on your communications and networking costs next year.
Fixed Priced IT
If you haven’t deployed Managed Services to augment your technology infrastructure, you might consider how you could benefit from this model. By proactively monitoring and managing your infrastructure, your systems will work better and your cost of systems updates and support will be fixed.
The economic model of Cloud Computing allows companies to avoid unnecessary capital expense (CapEx) and use operating expense to subscribe to a range of Cloud Services. Software as a Service (SaaS) provides the latest version of your popular productivity applications, and Infrastructure as a Service (IaaS) offers a consumption model for scalable computing power.
Cyber threat, privacy data breach, human error and natural disasters can put your business at risk. Having a solid data protection plan helps businesses avoid the unnecessary downtime, fines, legal fees, and loss of reputation associated with data loss.
There are many ways to invest in the future of your business. Technology infrastructure is one of them. Consult your technology advisor now to get input on your planning for next year.
Recent Hurricanes Harvey and Irma, along with major earthquakes in Mexico, remind us how vulnerable we can be to disasters, and underscore the importance of data protection. As businesses depend on access to a range of systems–including call center, communications and collaboration application, customer management, and more–having a solid data protection plan can help you in a disaster recovery scenario. Now more than ever, a range of options exist to help maintain business continuity. Here are a few options to consider.
Review Your Data Protection Plan
Key to your data protection plan is identification of mission-critical systems. The most important systems should be redundant, with the ability for failover in the event of a disaster. Your data centers and failover options should be geographically dispersed and on different network backbones. This can minimize downtime and get you back up and running sooner. Having your data backup available in Cloud Storage can help you recover other important files and application data if you lose access to your on-premise systems.
SD-WAN for Business Continuity
Software-defined wide area networks (SD-WAN) can also provide you a highly reliable and redundant network. Having the ability to switch Wide Area Networks using SD-WAN as an alternative to more costly MPLS solutions can ensure connectivity during a natural disaster. What’s more, Software-Defined Wide Area Networking can save you money in the long run by giving you the flexibility of a multi-carrier solution.
Software as a Service for Disaster Recovery
More businesses are turning to the Cloud for a range of applications–hosted email, Voice over IP (VoIP), Call Center, and others–to keep communications flowing during a disaster. Using Software as a Service (SaaS) for these important communications and collaborations applications keeps your employees, customers and business partners connected even when you are unable to gain physical access to your facilities. Having these applications in the Cloud can help you ensure everyone on your team is present and accounted for.
Don’t wait until a disaster strikes to review your data protection and disaster recovery plans. Contact your technology advisor today if you are unsure how well you will weather the storm.
According to a recent research report “Assessing the Cloud Security Landscape” by the Computing Technology Industry Association (CompTIA), 85% of business owners and IT professionals participating in a survey responded that they are Confident in their Cloud Service Provider. No wonder research firm IDC predicts the market for public and private cloud security to more than double over the next few years. What Cloud Security Concerns are top of mind with business owners, and what can you do to reduce your risk? Read more to find out…
Cloud Security Concerns
According to the CompTIA research, the biggest security concerns are: system downtime and business interruptions; exposure or loss of data during file transfers to the cloud; and concerns over encryption of data (either transactional or at rest). Rounding out the top five concerns from the research are physical security of cloud service provider data centers, and shared technology vulnerabilities in a multi-tenant environment. Many of the risks related to these issues can be avoided with appropriate technologies, and by adhering to industry compliance regulations.
Questions to Ask About Cloud Security
To help you sleep at night, there are a number of questions you can ask your Cloud Service Provider to better understand security considerations. You may want to know where your data resides. Understanding data residency could help you navigate standards related to regulatory compliance or specific country requirements on data residency. Consider asking your Cloud Service Provider about their encryption policies, business continuity and disaster recovery plans, and their data integrity and retention policies.
Is the Cloud Right for All of My Data?
Data that is strictly regulated by industry compliance, or that is highly sensitive or competitive, may not be right for Cloud Computing. This makes the case for having a solid internal IT infrastructure in addition to investment in Cloud Computing technology.
As Cloud Computing matures, so will the technologies designed to protect against threats. To stay on top of these issues and trends, reach out to your technology advisor to understand the impact of Cloud Security concerns for your business.