SECURING YOUR DATABASE

In the era of modern technology, effective database security is more important than ever. Your business stores a range of sensitive information (for clients and employees) all of which needs to be kept safe at all times. Should any of that data get exposed, either by malicious hackers or internal human error on your staff’s part, it could very quickly lead to severe consequences for your business. Loss of business, the trust of your clients, financial damages, lawsuits, compliance infractions, or worse. Don’t let it happen to you.

Database Security

Why Should Database Security Be Enhanced?

Information stored on your business database is more than likely to be misused – either hackers who want to access, steal or corrupt it, or simply by employees who aren’t entirely sure of what they’re doing. Additionally, the database is at risk of malware infections that may lead to inappropriate effects, unauthorized access, or deletion of crucial data. Data breaches can cause an overload that would result in poor business performance and lower operational efficiency. Besides, if hackers access your private business data, it could lead to data corruption and inappropriate activity that would potentially damage your reputation. That’s why it’s so important for you to enhance database security by employing various strategies aimed at protecting the information from any unauthorized access. These strategies involve physical, administrative, and software controls. They include:

Enhancement of Physical Database Security
It may sound simple, but it’s a vitally important part of database security – make sure your servers are kept protected by physical security implementations. Locked closets, numbered keypads, video surveillance, etc. Similarly, you need to ensure that you allocate different machines from those running the web servers for your database. Given that such servers are publicly accessible, they are at a higher risk of hacking and may help in accessing the database irregularly.

Use of Database Firewalls
A firewall will help to enhance the security of the database by denying access to traffic from unidentified sources and reducing the initiation of unnecessary outbound connections. In this case, it identifies a few web servers of applications that are allowed to access the data. Web application firewalls can also be used to prevent malware such as SQL injection attacks that have a potential to delete database information.

Encryption of Data
Encryption should be a foundational aspect of your cybersecurity practices, but especially those concerning your database. In layman’s terms, encrypted data is formatted in a secret code that would be meaningless if intercepted. It is one of the most efficient ways to secure a database given that decryption can only occur through a key, which is essentially a “secret password”. In this case, there is a need for updated encryption software to ensure that private information is only accessible through the database program.

Use of Secure Passwords
Given that a password grants access to your database, it is imperative that you ensure it is complex enough that it can’t be easily guessed. In recent years, hackers have developed sophisticated tools and systems for identifying simple passwords. Therefore, combining letters, numbers, and symbols are simple ways to ensure your passwords are more difficult for hackers to crack using their standard methods.

Auditing and Monitoring Database Activity
Regular database auditing and monitoring help to detect any unusual activity or login attempts by an unauthorized individual. In addition, doing so can help you detect cases of account sharing or any other suspicious activity. The organization may need Database Activity Monitoring (DAM) software that is important in monitoring such activities automatically and independently. Additionally, auditing the database helps to identify accounts that are no longer in use, which could increase the risk of hacking.

Tight Management of the Database Access
It’s important to limit the number of people accessing the database in order to enhance monitoring. Besides, your administrators should only get the minimum privileges that are necessary for their jobs. In some instances, employees are caught colluding with external hackers to defraud an organization or steal crucial data. Therefore, it would be prudent for your business to consider acquiring access management software that provides temporary passwords to authorized users and more specific privileges when necessary. That way, any attempts to access the database with these credentials after they expire won’t work and will notify you of such attempts.

Segmentation of Database
A large, singular database is at a higher risk of exposing private information because it involves so much data. That’s why it can be useful to segment the data by creating various roles within the database. This help prevents all administrators from viewing all data whenever they like. Were you to segment your database, depending on the roles, your administrators may be classified with different privileges and access to different levels of database information.

The security of a database is undeniably important for businesses like yours. Be sure to follow strict cybersecurity practices in order to keep your database secure from malicious hackers and careless employees.

Notable features of Windows 10

Over the years there have been many versions of Windows such as Windows 8, Windows Vista, and Windows XP. Windows 10, the latest update from Microsoft, has many unique features that distinguish it from its predecessors. While the previous versions ran mainly on laptops and desktops, Windows 10 is designed to run on tablets equally as well. One of the best features of this update, which is also known as Spring Creators Update, is that takes very little time to install – just under thirty minutes. While the previous updates used to take a lot of time, this new version is very time effective.

Notable Windows 10 Features

Windows 10 has many other distinctive features that are very useful for many small businesses.

Cortana on Desktop

Windows 10 brings voice-controlled digital assistance in the form of Cortana to computers. Now you can interact with or give commands to your computer without lifting a finger. You don’t need to type – just tell your computer if you want to launch a PowerPoint presentation, need a specific file, or want to look at specific photos. Your PC can do all this while you work on, say, an interdepartmental email.

Timeline

Timeline has replaced the Task Viewer icon beside the Windows taskbar. This new feature allows the user to view the activity history of their desktop. If you are looking for a file that you were working on last week, Timeline will help you find it quickly. Just click on the Task View button on the taskbar, and you will be able to see all your open files and applications. It is a convenient way to see what applications are running. Windows will display photos, folders, and documents according to the date that they were last used.

Privacy

Another security feature of Windows 10 is the new Windows Diagnostic Data Viewer. This feature allows you to view the amount of information that Microsoft can access from your computer. You can keep your data safe by fine-tuning privacy settings which concern application usage, browser history, web permissions, and connected devices.

The Start Menu is back!

In the previous update the Start Menu was eliminated, but in Windows 10 we can see its revival. The bottom left shows the Start Button, and when you click on it, two panels appear side by side with the left side showing the most used applications. The right side displays a list of live tiles that you can resize, reorganize, and customize. There is a power button at the top similar to Windows 8 for features such as Standby, Hibernate, and Shut down.

Nearby Sharing

Another simple feature that makes office work so much easier is Nearby Sharing, which you can enable from the Control Panel. Select the computer you want to send the file to and then click on the Share button in the Photos app or the Edge browser. The computer will receive a notification asking it to accept or decline the file. This ensures that file transfers can happen without unreliable network folders, beat-up USB devices, or empty email messages.

Snap Assist

In this update, the Snap View feature has also been updated which allows users to open multiple windows side-by-side without being limited by your screen’s resolution. This feature also suggests different apps that you can open to fill the available space.

Swift Pair

This feature allows you to connect to a Bluetooth device within the desktop’s range. You will automatically receive notifications whenever there is a connection opportunity. With Windows 10 you can use wireless headphones to make a call or try out a wireless keyboard by just clicking connect.

Microsoft Edge

The new browser called Microsoft Edge has replaced the old Internet Explorer. This browser has many impressive features such as Cortana integration, which allows you to pull up contextual information without having to search through emails. It has an annotation tool which lets you write anything and share it with your friends on social networks without leaving the browser, and PDF support which makes reading easier by improving the layout of long articles.

Tablet Mode

Windows 10, unlike Windows 8, makes a clear differentiation between tablets and desktops. In Windows 8, if you happen to be using a mouse and keyboard, by default, you will be in desktop mode.

Action Center

The Action Center in Windows 10 has been expanded to allow easy access to frequently used settings such as tablet mode and Wi-Fi connectivity. It also shows all essential notifications as soon as your computer receives an update.

Windows 10 has many impressive features which were missing in the previous update. It is faster, provides invaluable security protection and makes multitasking much easier. Update your computer today to enjoy all the benefits of this new operating system.

Is The U.S. Government Planning A Special Tax On Paper Waste?

Do you use 800 million pounds of paper each year? That’s the latest estimate for the average professional – and nearly 20% ends up in landfills. Would your habits change if you were taxed on paper consumption?

Paper Waste

The use of paper to record thoughts, plans, transactions, agreements, or anything at all, is nothing new. Ancient Egyptians invented the earliest known type of “paper”, named papyrus from the plant which the material was created. The more modern forms of paper are likely created from a process similar to that invented by the Chinese, who remain the leading paper manufacturers today.

The ability to document everything from knowledge and information to financial transactions and taxes brought the foundation of the technological era – though not quite as we see it today. For the first time in history, accountability no longer relied on memory or spoken word, but the origin of the “paper trail” concept.

One of the earliest modern ways we’ve found to scale back paper use is the predecessor to the smartphone, the personal digital assistant (PDA), like the Palm Pilot. Migrating from paper planners to a handheld organizer enabled professionals to have easy calendar access, along with a variety of other resources like the Internet and telephone.

  • Would it surprise you to know that the first person to coin the phrase “PDA” was a former Apple CEO, John Sculley?

The intended purpose of technology is to improve our lives and simplify our tasks. For example, email was designed, in part, to expedite communication in a cost-efficient manner. Written communication that previously took more than a week to deliver via U.S. mail with the added cost of a postage stamp and envelope – also relying on the correct mailing address of the recipient – was now nearly free and instantaneous. The fax machine was intended to serve this same purpose of timely delivery, but still involved paper waste. In fact, fax machines created a unique problem: the sender had to have a print copy to scan and fax, and the recipient thus received a paper copy of the message. In the case of email, technology should decrease the use of paper, and successfully has.

The average professional has indeed cut back on paper use. Statistics vary, but no matter how you look at it, we consume far too much paper for the amount of technology we have at our disposal. Notice the word “consume”? The sad reality is that not all consumed paper is used. Have you ever visited a print station only to have to dig through sheets to find the printed document(s) you’re looking for? How many times do you see the same sheets that never get picked up?

  • Every year, organizations look to trim costs from their budget in unique ways, but rarely are paper costs fully considered. It’s estimated that U.S. companies spend $120 million annually on printed documents – a number that can, and should, easily be reduced.

Companies like Microsoft are trying to facilitate less paper consumption, and therefore, less waste. From online storage with Microsoft OneDrive or SharePoint, where users can store, share, and access files from anywhere without needing to produce paper copies, to collaborative software solutions like Microsoft Teams or Microsoft Project which help groups jointly communicate in real time, modern solutions are geared toward less paper consumption.

One industry where paper consumption has significantly decreased in recent years is the medical field. Patient charts used to be entirely paper, including test results, office visit notes, and full patient history. For large medical practices, this involves a lot of expensive real estate for a physical item that isn’t often used. The movement toward electronic health records is more efficient in every way: cost savings for less paper and less space taken, easy to share and access from anywhere, and less chance of a test result or document getting lost or damaged.

Banking is another industry to vie for the record of worst offender in terms of paper consumption. Between lending for auto purchases or mortgages and account statements, banks recognize the high-consumption of paper and have (slowly) been moving toward online signatures, email statements, and digital records.

Even major metropolitan areas are jumping on the “green” bandwagon. Bike lanes are being rolled out in cities across the country. Mass transit light rail systems are being installed and adopted for easy navigation and decreasing carbon footprints and toxic emissions. On the smaller scale, but no less important, it’s becoming more common for consumers to be emailed a receipt at a point of purchase, rather than have a paper receipt printed at the time of transaction. Most cities have designated locations to return printer ink cartridges for recycling to help cut down on waste.

  • Commonly purchased with large print workstations are service agreements to maintain the printer. Rather than a set cost, these agreements are based on use and consumption, with fees for black-and-white documents ranging from 5¢ to 12¢ on average, and color documents ranging from triple to more than five times the cost of black-and-white fees. By comparison, cloud storage costs are far more economical!

So, what can you do to help cut down on paper waste, thereby cutting costs for your company?

  • Evaluate who uses a printer at your organization and for what purposes.
  • Determine if your printer(s) are the most efficient available, and if they are maintained for efficiency.
  • Monitor overall usage, and then assess how usage can be decreased.

There are so many ways technology can help decrease print usage and costs, and here are a few to get started:

  • Cloud storage
    • This cannot be stated enough. Moving file storage to the cloud is a big leap, but can save you time and money.
    • No more file cabinets taking up real estate.
    • Documents are easier to find, access, and share from anywhere.
  • Reusable notebooks
    • Do you or your team still prefer to take handwritten notes? Using a smart notebook like the Rocketbook Wave propels your note-taking into the next century. Once captured, notes can be shared to the cloud using your smartphone. Once the notebook is full, a quick run in the microwave and it’s empty to use again!
  • Collaborative platforms
    • We mentioned Microsoft Teams already, but there are countless options available. From Slack to Basecamp, most offer users a similar feature base intended to encourage digital collaboration and eliminate paper waste.

It’s not unheard of to offer incentives to decrease waste, but the greatest incentive is decreasing costs for the organization resulting in increased revenue – and hopefully increased salaries! Decreased paper waste shouldn’t have to rely on staff incentives – and hopefully, it won’t come to taxation, but you never know…so let’s get ahead of the game and help ourselves while helping the planet. Saving two kinds of green – money and Mother Earth – with one effort!

How Outsourcing Your Technical Service & Support Can Reduce Your TCO

You may think that your technical support and service costs will increase as your organization grows in size and scope. But this doesn’t have to be the case. Most small and mid-sized businesses no longer need to employ dedicated techs or pay for the benefits and management costs that come along with employing them. Today’s Technology Solution Providers (TSP) have the expertise and tools required to provide technical service and support on a 24/7 basis. But when looking for a TSP, search for one that will act as a partner when it comes to your technology planning. A true partner considers the benefit-to-cost ratio and TCO when choosing what you need.

Total Cost of Ownership

Selecting the Right Technical Service, Support and Solutions Can Be a Balancing Act.

As your business relies more on technology for your daily operations, you can’t afford downtime that halts your productivity or the lost revenue that comes along with it. Because of this, you shouldn’t take shortcuts when it comes to choosing the quality and up-to-date technology solutions that you need to do your job. But just the same, you must consider your budgetary requirements when determining what to invest in. This is difficult to do on your own as technology is changing so rapidly. The answer is to find the right TSP –one who will get to know your business, help you decide what technology assets you require and determine if you will get a positive return from them.

This a fine balancing act. You must use the right solutions to handle your workload, but you must also stay within your budget. Only an experienced and knowledgeable Technology Solutions Provider can provide the strategic expertise required to find this balance. If they don’t know what you’re talking about when you recite TCO, then it’s time to find another provider. As you know, TCO refers to the total cost of ownership. A TSP who has experience in strategic planning can apply this principle when helping you select your IT assets and services.

TCO (Total Cost of Ownership)

Your IT environment is one of your most important business investments. It’s also one of the most expensive and unpredictable. This is where TCO for your technology becomes an important part of your budgetary planning. The total cost of ownership is a financial estimate that helps you determine the direct and indirect costs of a product or system.

TCO for your technology assets is calculated by dividing the cost avoidance and reduction that you realize over a specified period of time by the amount you invest over that same period of time. Total Cost of Ownership typically relates to four categories:

  1. Downtime
  2. Computing Costs
  3. Data Storage
  4. Business Administration

The Cost of Downtime

The cost of downtime is dependent on a number of areas. Monetary losses vary and are dependent on your revenue, industry, the actual duration of the outage, the number of people impacted, the time of day, and more. The cost of downtime is usually higher for businesses that rely on high-level data transactions, like banks and online retailers. And, if you experience an unplanned downtime during peak business hours, your costs will be higher. To keep it simple, calculate how much it costs your business when your employees can’t access the technology they need to do their jobs. This should include every dollar you’d lose to server downtime including hidden costs like clients leaving your business for another one, and the amount you have to pay employees when they can’t perform their duties due to downed technology.

Computing Costs

This isn’t so difficult to calculate. It’s the price you pay for things like:

  • Computers and servers,
  • Applications and Software as a Service (SaaS) subscriptions,
  • IT Maintenance,
  • Employee training on hardware, software, and IT security awareness,
  • Software and Hardware Upgrades,
  • Cyber Security solutions like antivirus and antimalware or Security as a Service (SecaaS),
  • Cloud Solutions,
  • Contracted technical support and service and more–Anything that’s related to computing.

Data Storage Costs

This would include your costs for network and storage infrastructure, server configuration and deployment, power and cooling costs for data centers, and administrative costs for data backup and recovery capabilities.

Business Administrative Costs

This would be anything that impacts your daily business functions including labor, vendor contracts, procurement processes, accounting costs, and other overhead costs related to your IT operations.

Re-Evaluate Your Current Approach to Technical Service and Support.

Small and mid-sized businesses (SMBs) are typically understaffed when it comes to technical service and support. They don’t have the money to hire in-house techs, nor can they find the talent they need. Many SMBs operate in a reactionary way rather than the preferred proactive technical service and support model because they fear that contracting to a TSP will cost too much money. This is just the opposite. If you simply calculate your TCO for your technology as we explained above, you’ll realize that you have a lot to protect. Downtime alone can cost you your business if it lasts more than a few days.

With the ever-changing technology landscape and sophisticated cyber mafias cropping up, your business is at an increased risk of downtime, breaches and data loss without the right approach to technology. Unfortunately, your CFO or CIO might tell you that the only solution is to hire more IT staff. This just isn’t the way to go for a variety of reasons:

  • IT talent is hard to find.
  • If you do find them, you have to ensure they are continually trained and certified on new platforms, security solutions, software, and hardware.
  • They cost more to hire and employ than outsourcing to a TSP.
  • You have to manage them. If you don’t have a CIO who understands everything they do, how are you going to know if they are doing what they should?
  • Turnover will be high because many techs use their employment at a small business as a stepping stone to a higher position.
  • The recruitment search and costs, along with the time you must invest to find new techs is unsustainable for small businesses.
  • If you don’t have the IT support you need, you’ll be dealing with increased downtime and IT failures.

Labor is the most expensive element when it comes to technical services and support. A break-fix model is labor intensive and increases your costs. This no longer is a factor when using a TSP who provides managed IT services. Your best move is to turn your IT management over to a TSP. By doing so, you can better gauge your technology needs while keeping costs down. Experienced Technology Service Professionals can help you use new tools that reduce costs by automating many labor-intensive tasks.

If you do some simple calculations, you’ll realize how much more expensive an in-house tech is than outsourcing to a TSP. An in-house network administrator can cost you upwards of $60,000 a year. Then you’ll have the added expense of employee benefits like Social Security contributions, workman’s compensation insurance, health insurance, vacation time and sick leave. In addition, there’s always the ongoing certifications you’ll have to pay for. Plus, you’ll have the costs associated with additional benefits like health insurance, social security contributions, vacation days and sick leave. Now, this one network administrator costs you more than $100,000 a year. Then there’s the required 3.5% raises that they’ll demand each year and the ever-increasing healthcare insurance costs. One network administrator can cost you more than $100k a year.

Here’s something else to add into your calculations. Recent studies have shown that close to 40% of all IT failures are caused by errors made by in-house IT staff and that they will spend up to 50% of their time detecting and remediating these errors. Once again, you’re looking at a reactive rather than proactive approach to technical service and support when you use onsite technicians. You can see how relying on them increases your TCO.

If your CFO suggests you use an outside tech service on an as-needed basis, you’re also looking at a poor TCO. The term for this is “break-fix,” and it can be an expensive proposition. Plus, it can take anywhere from 24 to 48 hours for one of these techs to visit your site. You won’t be high on their priority list because they’ll be serving their Managed Service clients first. Imagine going more than two days without your technology. This can set some businesses back for weeks, not to mention the angry customers they must deal with.

The Way to Lower Your TCO is to Outsource Your IT Management to a TSP.

The right Technology Solution Provider will put considerable effort into understanding your operational and

business needs. With this knowledge, they will develop and deliver a set of specific cost-effective services that align technology with your goals. This will increase your system reliability, your organization’s business continuity, staff productivity and, ultimately customer satisfaction.

The right TSP will align your technology with your organizational goals. They will ensure your technology provides a greater ROI (Return on Investment) and decreased TCO. They do this by streamlining costs, increasing your productivity and revenue, and avoiding expensive onsite IT fees for replacement or repairs.

When you outsource your technical service and support to a Technology Solutions Provider you’ll have:

  • Immediate access to a team of IT professionals who have a depth and breadth of knowledge and experience in the latest technology solutions. You could never afford this amount of expertise with in-house techs.
  • Around-the-clock technical support with remote monitoring of your network, so you can get your IT system up and running if there’s an issue. With remote monitoring, issues can be averted before they cause downtime.
  • A team of certified professionals with the knowledge that can save you time when implementing new projects.
  • Cyber Security experts who can mitigate security risks and compliance problems that result in penalties, liability and your credibility with customers. Plus, they have the expertise to conduct security awareness training for your employees, and they will know about the newest exploits to beware of.

TSPs offer an IT management model that saves you in labor costs and downtime. They do this with:

  • Remote Desktop Management and Support
  • Monitoring of Network/Operating System and Alerts
  • Updates for Anti-Virus Software
  • Backup and Disaster-Recovery Solutions
  • Application of critical Patches and Software Updates
  • Resource Availability of Best-In-Class IT Solutions scaled to your needs.
  • Audits of Computer/Network/Software
  • Enforcement of Network Cyber Security Policies
  • Mobile Data Management and Monitoring

One of the biggest advantages of outsourcing your IT services to a TSP is that they remove the unplanned costs that many small businesses deal with. Instead, they offer a fixed monthly fee for the services they provide. Plus, you and your staff can focus on your core responsibilities– You won’t be distracted by IT issues.

The technology nonprofit CompTIA surveyed 400 businesses that outsourced their IT needs to a Technology Services Provider. Of these businesses, 96% reported saving a substantial amount annually — 184 realized cost reductions of 25% or more, and 58 over 50% reduced costs.

Your TSP Can Save You Money and Increase Productivity and Security with Virtualization and Cloud Computing.

Be sure to ask your TSP for today’s “new” managed IT services–Virtualization and Cloud Computing. Other SMBs have found that new technology innovations like virtualization and the Cloud is the way to lower their TCO and save money.

With virtualization, your TSP creates virtual resources such as servers, operating systems, workstations, storage systems or networks. Virtualization is more cost-effective than using traditional methods. It also allows you to scale your services up or down as your company grows or decreases in size. Many seasonal businesses benefit from this as they don’t have to continue paying for services they don’t use.

Cloud computing provides services, such as software platforms, storage, and servers over the Internet. It provides SMBs storage and business processes that were previously only available to large enterprises. Information is available via a central web-based data center to anyone with a computing device and the proper login credentials. And, with cloud computing, you can sync your business data to your users’ connected devices in real time for enhanced productivity, collaboration and mobility.

Virtualization and cloud computing provide a lower TCO and a more cost-effective way of using technology. They also provide business continuity with increased data security, recoverability and the ability to access your IT environment from anywhere you have an Internet connection.

According to studies by VMWare (a cloud and virtualization software and services company), businesses that implement virtualization have reduced their total cost of ownership for IT operations by

up to 67%. The right Technology Service Provider can show you how to maximize your server resources, improve your overall IT performance, enhance your cyber security, do more with less, and, ultimately, save you money.

The following are some of the benefits of virtualization:

Virtualization will save you money. Virtualization lowers your technology and energy costs. You’ll need fewer servers, networking gear, racks, and hardware. Your maintenance, heating, cooling, and energy costs are all reduced. Plus, instead of purchasing new equipment, you simply add a new virtual server when you need more storage space for your data and IT solutions.

You’ll have more storage and faster application deployment. Server virtualization isolates applications, so you no longer need to worry about incompatibilities. You’ll realize improved application performance, with much faster provisioning. Virtualization also allows you to fully utilize your physical servers and set up virtual machines with the precise amount of memory and storage you require.

Your business continuity and disaster recovery will be improved. With virtualization, your data can be migrated to another server when you need to perform repairs or specific tasks. This way you don’t need to shut down servers, so downtime is no longer an issue. Your data is always available, even if a server is shut down — so business continuity is greatly enhanced. Virtualization’s single-system image also makes recovery painless.

You can easily transition to the Cloud. If you’re considering moving data to the cloud, the process is a lot less complex with virtualization. The data stored on virtualized servers is already free of hardware, so making the transition to a public or private cloud is simple.

You can do more with less. Virtualization allows you to virtualize your entire network or just specific aspects of it, so you can simplify business operations and promote efficiencies. You can do more with less because virtualization allows you to accomplish more with fewer servers.

Your cybersecurity will be improved. Virtualization can combine features with security functions to streamline your security operations. With automated provisioning and sharing across both virtual and physical security platforms, virtualization can enhance your cyber security without sacrificing performance.

As business owners and managers realize the cost-saving factors associated with cloud computing and virtualization, they are re-evaluating their IT strategy when allocating money for technical services and support. They’re now seeing that outsourcing to a TSP provides a greater return on investment and a reduced total cost of ownership.

Your Technology Solutions Provider can be a valued business partner who can offer the expertise you need to grow your business with the right IT solutions. However, no matter what approach you use for IT management, it’s important to conduct a cost-benefit review to make sure you’re getting the best ROI and lowest TCO from your technology investments.

The Newest Forms Of Ransomware & How To Protect Your Business From Them

The Situation

Ransomware is now one of the top security concerns for businesses and organizations of all sizes. The City of Atlanta was hit with a ransomware attack called SamSam in March, crippling some important departments like their court system, sewer infrastructure requests, and water billing department.

ransomware

The attackers who deploy SamSam are known for clever, high-yield approaches. This, combined with the City’s lack of preparedness, explains why the infection was so debilitating.

Experts are telling us that SamSam will strike again. Unlike many forms of ransomware that spread via phishing attacks where individuals inadvertently invite the attack, SamSam exploits IT system vulnerabilities and cracks weak passwords. These ransomware attackers have made $1 million in less than six months.

Keeping all your systems patched, storing data in enterprise-based cloud backups, and having a ransomware preparedness plan can offer real protections against SamSam and other ransomware infections.

Unfortunately, ransomware attacks are on the rise, and as hackers use more sophisticated encryption technology, the threat is constantly evolving. According to malware security firm Barkly, a company is hit with a ransomware attack every 40 seconds. They also identified ransomware as the most prevalent form of malware, with “4.3x new ransomware variants in Q1 2017 than in Q1 2016.”

This article details how dangerous ransomware is, how it could harm your business, and what you should do to protect your data.

Part 1

What is Ransomware?

Ransomware is a type of malicious software (malware) that blocks access to a computer that infects, locks or takes control of a system and demands a ransom to unlock it. It’s also referred to as a crypto-virus, crypto-Trojan or crypto-worm. It then threatens that your data will be gone forever if you don’t pay using a form of anonymous online currency such as Bitcoin.

Most forms of ransomware are spread via spam using unsolicited phishing email or an attachment. Phishing attacks use emails disguised to look like they’re from someone you know and are more likely to trust.

Some ransomware-based applications disguise themselves as police or a government agency, claiming that your system is being locked down for security reasons and that a fine or fee is required to reactivate it. Then it typically asks you to click on a link or attachment to perform a routine task such as updating records or account details. If you do this, a worm or malware is downloaded, infects your system and locks it by encrypting your files.

Ransomware, like SamSam, can also infect your IT system using vulnerabilities in your computer’s browser. It does this when you click on a malicious code hidden in online ads or free software.

Ransomware targets small to medium-sized businesses because they are particularly vulnerable due to limited IT resources. They are also more likely to pay the ransom in the hopes that they’ll get access to their data, although the FBI warns that this isn’t necessarily so.

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cybercriminals to target more organizations, but it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

Paying the ransom only guarantees that the malicious actors receive your money, and possibly even banking information. Also, decrypting files does not mean the malware infection itself has been removed.

No one is immune.

  • Temporary or permanent loss of sensitive or proprietary information,
  • Disruption to regular operations,
  • Financial losses to restore systems and files, and
  • Potential harm to your organization’s reputation.

The lack of awareness and cybersecurity training is a leading cause of ransomware.

Part 2

Ransomware Comes in Many Forms.

Ransomware comes in many different forms, but essentially, it’s a type of malware that denies access to your computer devices unless you pay a ransom. The ransomware malware encrypts your data. Once it does this, it can travel throughout your network and encrypt other mapped and unmapped network drives. Because of this, it can bring your organization to a halt.

The ever-evolving nature of these threats makes ransomware very difficult to keep track of. (Ransomware-as-a-Service (RaaS) makes it easy for cybercriminals to set up a lucrative hacking scheme. It is provided as a vendor platform on the Dark Web. Unlawful vendors offer hackers and criminals a tool to use to lock down computer files, information or systems and hold them hostage.

Ransom32 is a type of “Ransomware-as-a-Service” that provides any cybercriminal, even those without technical knowledge, the ability to create their own form of ransomware. What makes Ransom32 so dangerous is that it uses JavaScript, and can be used on computers that run Windows, Mac OS X, and Linux.

Over 2,900 types of ransomware have been reported, and they’re growing. Here are just a few:

Bad Rabbit 

Bad Rabbit has infected organizations in Russia and Eastern Europe and is spreading throughout the world. It does this via a fake Adobe Flash update on compromised websites. When the ransomware infects a machine, users are directed to a payment page demanding .05 bitcoin (about $285).

Cerber

This ransomware encrypts your files using AES encryption and demands a ransom of 1.24 bitcoins (worth $500). It communicates via a text-to-speech voice message, a recording, a web page, or a plain text document. There’s no way to decrypt files that are encrypted by Cerber unless you pay the ransom.

Cryptolocker

CryptoLocker infects computers that run Microsoft Windows. Like other forms of ransomware, you must pay the hackers to decrypt and recover your files. CryptoLocker spreads via fake emails (phishing) designed to mimic legitimate businesses.

CryptoWall

This form of ransomware has been around since 2014, but new variants are still circulating, including CryptoBit, CryptoDefense, CryptoWall 2.0, and CryptoWall 3.0. Like CryptoLocker, CryptoWall is distributed by spam or exploit kits.

CryptXXX

CryptXXX used additional capabilities including network-share encryption. This means that even if you can decrypt your files, it can still cause significant downtime by encrypting files on your network shares.

FakeBsod

FakeBsod uses a malicious piece of JavaScript code to lock your web browser. It displays a fake warning message and tells you to go to a particular webpage (that contains the ransomware). The message says to “contact Microsoft technicians” about an “Error 333 Registry Failure of the operating system – Host: Blue screen Error 0x0000000CE.” When you call the phone number, you’ll be asked to pay a fee to fix the problem.

Lockscreen

This form of ransomware isn’t new and has been in use for quite a while. It attacks Android devices. However, now there’s a new version that is more powerful and much more resilient. It used to lock your screen using a hardcoded passcode, but with the right code, you could unlock your device. Today the new version is impossible to reverse-engineer the passcode since it uses pseudorandom passcodes. Because of this, you can’t unlock your device and must pay the ransom.

Locky

If your computers are infected by Locky, it will rename all of your important files and prevent you from opening them. It does this through encryption and using the file extension–locky. Now, only the cybercriminals have the decryption key, and you must purchase it from them to retrieve your files. To do this, you have to go to the Dark Web and pay $400+ in Bitcoin.

NotPetya

This is a strain of Petya and was first seen in 2016. Today, experts believe NotPetya’s sole purpose is to destroy data instead of obtaining a ransom.

Petya

Petya is especially dangerous because it encrypts entire computer systems, and overwrites the master boot record, so you can’t reboot your operating system.

Spider

Spreads via spam emails. It’s hidden in Microsoft Word documents and installs the ransomware on a computer when it’s downloaded. The Word document (typically disguised as a debt-collection notice) executes macros that encrypt your data.

TeslaCrypta

This uses an AES algorithm to encrypt files and is specifically designed to attack Adobe software vulnerabilities. TeslaCrypta installs itself in the Microsoft temp folder.

TorrentLocker

TorrentLocker spreads via spam email campaigns and targets specific geographic regions. It also uses the AES algorithm to encrypt files. It collects email addresses from your address book to spread malware to your business contacts, friends and family members.

WannaCry

WannaCry has hit over 125,000 organizations in over 150 countries. It currently affects Windows machines through a Microsoft exploit known as EternalBlue.

WannaCrypt

This computer attack began locking down data on May 12, 2017. It affects Microsoft Windows Operating systems. WannaCrypt encrypts all the data in on your computer and holds it hostage.

ZCryptor

This form of ransomware uses a worm-like tactic to self-propagate and encrypt files and external drives so that it can attack other computers.

Part 3

How Ransomware Infects Your Computers

Ransomware attacks are increasing, and so are the ransoms to recover your data.

You’ll know when ransomware infects your computer because the hackers display a message telling you how much to pay to unlock your files. These ransoms typically run in the $300-$500 range. But, some businesses are having to pay upwards of $1,000 per computer. If you have 25 computers that are infected, that’s $25,000.

Hackers primarily use the following attack vectors to infect computers:

Phishing Emails

This is the most common scenario. A realistic-looking email is sent to you with a link or attachment that contains the ransomware. Hackers will often send a number of these links or attachments to hide the one with the malware. Once it’s clicked the malicious software loads itself and the ransomware infection spreads throughout your files, locking them until you pay the ransom.

Drive-by-Downloads

If you unknowingly visit a realistic-looking website containing ransomware, it can load itself onto your computer. If you use an old browser, out-of-date software, or third-party applications, you’ll be most vulnerable. A hacker can detect a vulnerability and exploit it. When a software vendor discovers this, they’ll release a patch to repair the issue, but by this time the criminal has already done their dirty work. Examples include unpatched versions of Adobe Flash, a bug in Java or an old web browser, or an unpatched operating system.

Free Software

A lot of us download free versions of software. Some are legitimate, but others contain ransomware. They are especially prominent in broken versions of expensive games, free games, porn content, screensavers or bogus software. By convincing the user that they should download the software, they can get past firewalls and email filters. You might not even know that you’ve done this until the ransomware activates weeks later.

Unpatched Software

According to the U.S. Computer Readiness Team (CERT) using unpatched and unsupported software may increase the risk of proliferation of cybersecurity threats, such as ransomware. Microsoft provides a guide to help you keep your software up to date. They recommend that you use feed update functionality to stay informed about new ransomware variants and what you should do to protect your data.

Part 4

What to Do If Your Files Get Encrypted.

Tell your employees to let you know if they experience the following:

  • They can’t open their files, or they get error messages saying a file is corrupted or contains the wrong extension.
  • A window pops up with a ransomware program that they can’t close. This window may contain a message about paying a ransom to unlock files.
  • A message says that a countdown has started for a ransom to decrypt files and that it will increase over time.
  • They see files in all directories with names like “How to decrypt files.txt or decreypt_instructions.html.”

Ransomware isn’t easy to find while it’s at work encrypting your files. So, you might not know that it’s happening until the hacker sends you a message. By this time, the infection has completed its job. The best thing you can do at this point is to contain the virus from spreading throughout your network.

Unplug the infected computer from your network. You may also need to turn off all network access for all your computers until you know the virus is contained. Set your Basic Input Output System (BIOS) time back if the ransomware has started a countdown. This will hopefully give you more time to recover your critical files and try to eliminate the malware. You can access your BIOS time through the BIOS Setup Utility on the computer.

Restore your files from your last backup. This is why it’s important to regularly backup your files to a safe, offsite cloud location. Just make sure your most recent backup wasn’t infected as well. If you use a Disaster Recovery as a Service (DRaaS) solution, you should be able to do this and quickly “spin up” the DR image on your computer. By spinning up the image in a self-contained virtual machine (VM), you can inspect the DR image without exposing it to your entire network.

Alert the FBI. Don’t pay the ransom. This is a mistake because you still may not get your files back and the criminal will continue to extort you for money.

Unfortunately, recovery from ransomware can be difficult as cybercriminals fine-tune their tactics and become more sophisticated.

Part 5

How to Protect Your Data From Ransomware

The good news is that there are best practices you can adopt to protect your business. The Small Business Administration has these 14 recommendations. Your Technology Solutions Provider can help you with these.

  1. Implement an awareness and training program. Because end users are targets, employees should be aware of the threat of ransomware and how it is delivered.
  2. Enable strong spam filters to prevent phishing emails (an attempt to obtain sensitive information electronically) from reaching employees and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
  3. Scan all incoming and outgoing emails to detect threats and filter executable files (used to perform computer functions) from reaching employees.
  4. Configure firewalls to block access to known malicious IP addresses.
  5. Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
  6. Set anti-virus and anti-malware programs to conduct regular scans automatically.
  7. Manage the use of privileged accounts based on the principle of least privilege: no employees should be assigned administrative access unless absolutely needed and those with a need for administrator accounts should only use them when necessary.
  8. Configure access controls—including file, directory, and network share permissions— with least privilege in mind. If an employee only needs to read specific files, the employee should not have write access to those files, directories, or shares.
  9. Disable macro scripts (toolbar buttons and keyboard shortcut) from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
  10. Implement Software Restriction Policies (SRP)s or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs including the AppData/LocalAppData folder.
  11. Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
  12. Use application whitelisting, which only allows systems to execute programs known and permitted by security policies.
  13. Execute operating system environments or specific programs in a virtualized environment.
  14. Categorize data based on organizational value and implement physical and logical separation of networks and data for different organization units.

In Conclusion

The increased incidence and rapid evolution of ransomware have raised concerns and stakes for both small and large businesses. Of everything we’ve discussed here, the two most important things to do to protect your business is to use a solid enterprise-grade cloud backup solution and to provide professional Cybersecurity Awareness Training for your employees. In both cases, your Technology Solutions Provider is your best friend. They’ll help you fight and prevent ransomware and cybercrime of all kinds. Don’t wait. Contact them today

Why Do 4 Out Of 10 Companies Still Use Ransomware Friendly Anti-Virus?

If The Marketplace Distrusts and Has Moved Away From Legacy Anti-Virus and Switched To Next-Generation Endpoint Protection To Escape Ransomware Infection, Why Are You Keeping It?

Ransomware

All the way back in 2006, the word was getting out that Anti-Virus software must retire and make way for the Cloud, Next-Generation Endpoint Protection. AV served its purpose when systems were simpler. And hacking was a college prank, not a malicious attack for financial gain.

Ransomware, Malware, and non-Malware exploits were infants. Legacy AV could carry the load. But in this day and time, they’ve grown-up, and 53% of US organizations are blaming their tired, outdated Anti-Virus, as the cause for not preventing a Ransomware attack. Could your Legacy Anti-Virus be one of them?

It Takes A Cool Million to Plunk Down and Recover, From a Ransomware Attack.

$900.000 a year, is the average cost an individual company spends, on the Ransomware attack, paying the ransom monies, time used to respond, and productive labor time lost. In the US alone, the lost work time equals 44-man hours, responding to an attack, from attack to complete recovery.

44-man hours! That’s a little over a week’s work for one employee. The cost translates into paying that person’s salary, to do a job, you did not hire them to do. Is this good or wrong time management?

Do you know the percentages your Partners and Supply Chain suffered from your infestation?

Research recently provided by SentinelOne shows your affliction has a vast, direct and negative impact, on your Partners and third-party vendors. What happened to your company, magnified their loss and downtime, both in productivity and revenue, it’s the proverbial “domino-effect.”

Let’s look at those numbers SentinelOne provided:

  • 46% Downtime – Your Partners and third-party vendors suffered;
  • 35% Loss of productivity – Your Partners and third-party vendors suffered;
  • 20% Loss of revenue – Your Partners and third-party vendors suffered.

So, who’s to blame?

Worthless legacy antivirus software? Careless employees? Decision makers? Yes. All three have a hand in it. And we’ll explain how.

Let’s start with the legacy antivirus software.

According to Business Wire, a Berkshire Hathaway Company, Legacy vendors have failed to build solutions for new vectors – specifically, many legacy AVs still lack basic anti-exploit capabilities.” The key word here is “Exploit.” Exploiting is what a Ransomware programming-pirate knows and uses against you and your system.

Legacy anti-virus solutions are not able to keep up. Innovation is inadequate. The volume of attacks from:

  • DDoS Attacks
  • Malware Attacks
  • Ransomware Exploits
  • Viruses

Can not be charted. Hundreds of thousands of new strains appear daily. The best legacy anti-virus can’t keep up. It is overwhelmed. And here’s why.

AV infection solving depends on long-established signature-based identification methods to search for digital threats. What it struggles to overcome in today’s world, is the new strains. They are Signature-less and Fileless. The dangers go unchallenged and give a cyber-thief an easy way to access any unprotected enterprise networks.

The second culprit is the carelessness of employees.

According to Ponemon Institute’s 2017 State of SMB Cybersecurity report, sponsored by Keeper Security, The number one most significant cyber threat to your business is your employees. The cause of a breach was a whopping 54% from negligent employees.

But what makes them negligent? For starters device convenience. 50% of your data is accessible from a mobile phone. Not just a company-issued device. It could be a spouse or friend’s phone. A company, of any size, is a target. If your employee has 3 bars in the middle of the Sahara desert, your data can be accessed.

Secondly, your security and policies have gaps making it difficult to enforce your employees to follow proper protocols. According to the research, password policies lacked strict enforcement, 68% of the time. And 58% had no or unclear direction into password practices.

The third and final enabler.

I hate to be the one that says it, but the business owner or decision maker(s) prevent their protection from a Ransomware attack. They hang on to old beliefs. “It won’t happen to us.” Or “It costs too much to swap our legacy antivirus for endpoint solutions.”

45% in this group will pay the ransom, to get their files unlocked and returned, rather than the 55% that credit Cloud, Next Generation Endpoint protection. But those who spent to get their files back were targeted again and again and were attacked 73% of the time. The cyber-criminal sees that business as a bank atm. When they need some cash, it’s paid up or lose your files.

According to {company} Ransomware Specialists, “Cybercriminals will continually perfect their ransomware attacks. They will bypass your Legacy Anti-Virus. They will trick non-trained employees into infecting their organization. They will make you pay their ransom demands or sell your data to the highest bidder.”

Of the 70% who swapped from Legacy Anti-Virus over to Next Generation Endpoint protection, 96% are confident they will prevent future attacks.

To learn more about Next Generation Endpoint Protection and have 96% confidence you will prevent future Ransomware attacks give {company} a call at {phone} or email us {email} to speak to one of our Ransomware Prevention Specialists.

Your Small Business Needs a vCIO to Manage These 10 Technology Priorities for 2018

If you’re the owner or CEO of a small business, then you’re probably already functioning as the Chief Information Officer (CIO) as well. Most small businesses can’t justify paying for both. This means you have to take time from your priorities to manage your technology, ensure that it’s secure and decide what IT solutions to use. It’s not as easy to do this as it was in years past, simply because of the fast-evolving nature of technology, and the increasing incidence of hacking and data breaches.

vCIO

But, did you know that you can “hire” a Virtual CIO (vCIO) at a fraction of the cost of hiring a CIO?

What is a vCIO?

A virtual CIO is a technology service provider who serves as your CIO. They help you develop an IT Strategic Plan, with up-to-date resources to ensure security, productivity, and efficiency. Rather than hiring your vCIO, you pay for the service on an on-demand basis.

This frees you from the daily worry about technology and whether it will run as it should. It also frees up your limited internal resources and allows your employees to concentrate on their core responsibilities.

A vCIO Will:

  • Gain an understanding of both your business and your technology infrastructure and make sure your IT is aligned with your business goals.
  • Help you with IT budgeting and cost control strategies to achieve your priorities and avoid unnecessary costs.
  • Analyze any inefficiencies in your existing IT infrastructure and centralize/consolidate resources and operations to promote considerable financial savings.
  • Advise on Organizational IT Design and replace outmoded processes so you can pursue market opportunities and overcome business challenges through updated, value-based technologies.
  • Effectively incorporate technology into your operational processes and ensure security at all times.
  • Develop and IT Strategic Plans that aligns with your budget.
  • Learn about your competition, and what new IT solutions they are using.
  • Interface with your managers and users to ensure that you meet your IT goals.
  • Identify and evaluate the impacts of your technology decisions.
  • Conduct ongoing evaluations to assess your IT needs and provide service performance metrics.
  • Manage technology needs for specific projects, whether they are new ones or ongoing.
  • Deliver monthly updates to your management, provide Quarterly IT Summaries that reveal the condition of each component of your network, and prepare other reports as required.
  • Provide procurement assistance to ensure you get the best prices on hardware and software.

Your Virtual CIO Will Help Your Achieve These 10 Technology Priorities for 2018.

 Cybersecurity

Security is an essential factor for any organization, and small businesses like yours are the biggest target for hackers today. Risk assessment, data protection, training awareness, and third-party security practices are necessary to ensure maximum security and protection. Continuous diagnostic monitoring is required to view your network, identify risks, quantify attacks and/or breaches, and mitigate them. Digital forensic tools are especially important for companies that require regulatory compliance and incident management. Identity and access management is a security practice that enables only authorized individuals to access resources to comply with security and compliance requirements. These are crucial elements for any business. Your vCIO will manage all these and other cybersecurity requirements for your business.

Disaster Recovery and Business Continuity

Disaster recovery and business continuity refer to your organization’s ability to recover data after a disaster occurs and when IT services are shut down or compromised. Both practices involve the process of backing up data and preparing policies and procedures to implement in the event of a disaster. Your vCIO will confirm your business can stay up and running no matter the IT disaster, manmade or natural.

Mobile Workforce Technologies and Solutions

With the BYOD (bring your own device) trend, organizations are using mobile devices more than ever. Your business is competing in a mobile, technology-driven economy, and you must rely on your mobile workforce to ensure customer satisfaction and product/service innovation. The right mobility solutions ensure secure and simple access to data, tools, and applications from any location. Your vCIO will help you consider applications, support, ownership, security, and communication issues and policies that will ensure your mobile workforce is always productive, and your data is secure.

Cloud Computing, Software as a Service (SaaS) and Virtualization

Software as a Service utilizes a cloud-computing infrastructure to deliver a single application to your employees no matter their location. This is opposed to relying on the traditional one application per desktop. Cloud services are available to your employees via the Internet from a cloud provider’s servers and used instead of your company’s own on-premises servers. Virtualization refers to the creation of virtual servers, desktops, storage devices, applications, and computer network resources. You can virtualize your entire IT infrastructure or just specific aspects of it. Cloud services and virtualization provide easy, quick, scalable access to resources, applications, and services, and simplifies your overall IT infrastructure to promote efficiency.

Enterprise Resource Planning (ERP)

Enterprise Resource Planning involves the use of business management software that combines a variety of integrated applications to store and manage data for all aspects of your business operations. It includes product planning, manufacturing, marketing, inventory management, shipping, invoicing, accounts receivables and payables, and more. Software as a Service Enterprise Resource Planning (SaaS ERP) supports remote hosting of business IT services. It’s also known as Cloud Enterprise Resource Planning (Cloud ERP).

Strategic IT Planning

Strategic IT planning focuses on your organization’s specific needs and how to best use technology to meet them. IT is a strategic capability to be used and integrated into planning and projections with consideration of future IT innovations and business growth. Your vCIO will work with you to determine how technology will help you achieve your business priorities and prepare guidelines and policies that support your vision with the right IT solutions.

Networking: Data and Voice Communications

Data communications refer to the electronic transmission of information for storage and processing, while voice communications refer to systems such as mobile devices and VoIP systems. Your vCIO will help you implement the best communication solutions to keep your organization connected and up and running.

Legacy Application Modernization/Renovation

Legacy application modernization is the process of refactoring, re-purposing, or consolidating legacy software programs to align with a company’s current needs. This enables you to benefit from the advantages of new development without the risk and cost of replacing legacy systems.

Business Intelligence and Analytics for Big Data

Business intelligence, or BI, is a term that refers to a variety of software applications used to analyze an organization’s raw and big data (massive amounts of data). Business analytics is the process of exploring and investigating an organization’s data with emphasis on statistical analysis. This is becoming more important for even small businesses today. They are relying on software solutions like Microsoft Power BI (Business Intelligence) to transform data and create interactive reports to help them analyze data to reach their goals.

Shared Services

Many parts of an organization use the same services and resources. Shared services involve the consolidation of business services and resources used by multiple parts of an organization. For example, with service portfolio management, organizations can define and manage services and resources. By incorporating automation, virtualization, advanced analytics, and other digital technologies into your operations, you can streamline processes. These technologies also may enable you to make better decisions and improve the quality of customer interactions.

By taking advantage of the services a virtual CIO provides, you’ll enjoy all the benefits of a CIO without the added costs. Your vCIO will protect your important data, help you get the most from your technology budget, provide customized reports and recommendations, and ensure you meet the technology challenges of 2018 and beyond.

The Lawyer’s Guide to Preventing 7 Major IT Headaches

An efficient and secure running IT system is essential for any organization, and especially so for today’s law practices. Your work relies on secure and ready access to your data when you’re in the office, courtroom or when on the road. You need the ability to interface your Line of Business applications with other IT solutions you and your staff depend on each day. In order to remain competitive, you must use the most advanced legal technology solutions available and use them to your best advantage. And, any form of downtime is totally unacceptable because can cost you your clients. For all this, you need a Technology Solutions Provider who can build an IT infrastructure from the ground up to meet your high-security, high-availability, high-efficiency requirements.

7 IT Headaches

The Seven IT Headaches All Lawyers Face Today (And Their Remedies)

Technology challenges can lead to significant IT headaches, especially for small and medium-sized firms that manage their own infrastructure. They often “tag” the one employee who knows the most about technology. But today, it’s impossible for a non-professional to provide the 24/7 IT support, expertise and defense-in-depth protection required today.

Even law firms with a professional IT employee struggle with their changing and increasing technology demands and the need for 24/7 IT remote management. IT headaches in the legal industry vary. But the common factor is that they are pervasive and never-ending unless they are prevented by qualified Legal IT experts.

Headache #1 – Cybersecurity

Client confidentiality is a priority for every law firm. And without the proper IT management, your data can be at great risk.

Many lawyers aren’t aware that their critical data is at risk. The chance that data is breached has increased as attorneys, and their employees use mobile devices and email outside the office. They don’t realize that at a moment’s notice their IT system could be hacked, and confidential information stolen.

Cybercriminals have discovered new, creative ways to steal data. Hackers are increasingly targeting law firms to steal clients’ confidential data. Additionally, unethical competitors engage in illegal eDiscovery to harm a competing law firm, or to win a lawsuit.

Many say, “This only happens to larger legal organizations, not small ones like mine, right? Wrong–Small and mid-sized law firms are a more attractive target for hackers because they typically don’t have the right security solutions in place, nor do they train their employees to recognize phishing and ransomware threats like their larger counterparts do.

Building a cybersecurity infrastructure today can be a daunting task with all the attack vectors in play. The most important challenge comes from the requirement to protect clients’ private information. Client confidentiality is at the top of every attorney’s mind, and without the right IT management, this confidentiality can be breached. Cybersecurity should be the primary concern for litigation attorneys who handle confidential electronically stored information.

“To maintain the required level of competence, a lawyer should develop and maintain a facility with technology relevant to the nature and area of the lawyer’s practice and responsibilities. A lawyer should understand the benefits and risks associated with relevant technology, recognizing the lawyer’s duty to protect confidential information.”

Law firms must prevent:

  • Unauthorized access to both their wired and wireless networks.
  • Malware from corrupting their network.
  • Their employees from clicking on malicious links or unknowingly revealing confidential information to a hacker.
  • The disclosure of electronically transmitted communications.
  • Data loss from both manmade attempts or natural disasters.

Law firms must ensure:

  • Data is encrypted and safeguarded.
  • Compliance with legal, regulatory and confidentiality requirements when using technology.
  • Files are properly backed up both onsite and offsite, and that they are easily recoverable.
  • A secure email-archiving and retention strategy for both data at rest and in transit.
  • Cybersecurity is confirmed with regular Vulnerability and Risk Assessments.

The situation demands a defense-in-depth security plan that employs multiple security measures to protect confidential data. Defense-in-depth security was originally conceived by the NSA to provide a comprehensive approach for cybersecurity.

By using multiple layers of automated and remote security solutions, where the outer layers provide a first line of defense, and deeper more concentrated layers stop anything that gets through, lawyers can stop worrying about cyber threats and concentrate on their work at hand. And, as each law firm is unique, this protection requires an IT professional with the knowledge and expertise to find the right combination of security techniques and solutions.

The Remedy: The answer is to rely on a Technology Solutions Provider who will avert security risks and compliance issues that can cost you in legal liabilities, regulatory penalties, and your good reputation.

Headache #2 – Downtime

Every hour lost to downtime means lost billable hours. Time is money when it comes to law practices. Downtime due to power failures, ransomware, natural disasters and more mean your firm is paralyzed and unable to operate.

The increasing digitization of information over the last 20 years has increased productivity for law firms. When IT runs as it should, it helps you save time, and work more efficiently. However, this also means that when it doesn’t, and you’re faced with downtime that your clients, who are used to your efficiency, don’t understand and become angered when their cases come to a standstill.

This causes headaches for you, your employees and your clients. It’s critical that you recover as quickly as possible. When your IT goes down, even for a few hours during a workday, you lose billable hours, lose the ability to send and receive emails, and risk damaging your firm’s reputation.

It doesn’t matter how long downtime persists. It’s unacceptable in any case because it’s preventable. You can mitigate the risk of downtime by having the right technology in place.

The Remedy: Preventive IT measures are key to protecting your confidential data. With the right enterprise cloud backup and recovery system, and the services and support from a Technology Solutions Provider, your firm will benefit from complete system monitoring, secured servers, safeguarded data and upwards of a 99% guaranteed uptime.

Headache #3 – Inefficient IT Performance

In today’s digital world, a slow-performing IT system is like a wound that can drain the life’s blood out of your law firm. You can’t afford to wait this out and hope that things will improve. Time is money, and inefficient IT solutions are not only frustrating, but they can also impede your ability to meet your clients’ demands.

Increased IT performance is one of the biggest benefits of outsourcing your IT service and support. Often, an in-house technical staff creates new problems by overcomplicating basic configurations, because they lack the skill and experience required.

The Remedy: A Technology Solutions Provider offers a higher level of expertise and establishes a highly performing IT system to keep your law firm up and running.

Plus:

  • You’ll save money. Unlike with in-house staff, you won’t have to provide benefits like healthcare coverage, sick and vacation days and workman’s compensation.
  • You’ll have 24/7 Live Help Desk Support, to ensure your issues are resolved quickly, and your IT systems stay up and running at all times.
  • You’ll save time with the resources to start new IT solutions quickly as opposed to waiting for in-house techs who will need to be trained.

Headache #4 – Poor Integration of Line of Business Solutions

You need your Line of Business (LOB) applications to complete your responsibilities each day for Practice Management, Document Management, Time & Billing, and Legal Document Generation.

Applications like:

  • PCLaw
  • Prolaw
  • Juris
  • Clio
  • Timeslips
  • Amicus
  • Abacus
  • Tabs3 / Practice Master
  • Timeslips
  • ProDocs

You also need these applications to integrate with popular software programs like Microsoft Office. And when they don’t run as expected, this can cause major headaches.

The Remedy: This requires assistance from a Technology Solution Provider with expertise in legal IT programs.

Headache # 5 How to Maintain Client Confidentiality While Using the Cloud.

Attorneys are using the Cloud in their law practices. However, this can present significant challenges when it comes to their ethical and legal obligations to maintain client confidentiality.

Your law firm can benefit immensely from cloud computing services. However, it’s important to fulfill all of your legal and ethical duties to your clients.

As an attorney, you are subject to ethical rules that make it difficult to use certain types of cloud services. But how do you know what ethical rules apply to your law firm when it comes to using the Cloud? Plus, these ethical rules vary from one jurisdiction to another. If you have firms in multiple locations, how do you manage this?

The more questions you have about cloud solutions, the greater the potential for more headaches:

Confidentiality & Integrity?

Does cloud computing threaten the confidentiality or integrity of your data? Most ethical rules contain a duty of confidentiality and competence.

Third Party Providers?

If you’re assigning responsibilities to the third-party cloud provider, you must make a reasonable effort to ensure that their conduct is compatible with your legal and ethical obligations. Most ethical rules maintain that you must supervise third parties.

Communicating with Clients about Cloud Services?

Must you ask each of your clients if you can store their data in a third party’s cloud? Most ethical rules contain a duty to seek consent for decisions regarding clients’ data.

Safeguarding of Data?

How do you know that your cloud provider can ensure the proper safeguarding of your clients’ files and documents? Are you liable if they don’t? After all, it’s your responsibility to safeguard your clients’ property.

But, cloud computing provides many benefits for the small law practice. You don’t want to miss out on these:

Low Cost

Most enterprise cloud-based services can be obtained at a very reasonable cost. Law firms typically find that it’s less expensive to use these services than running and maintaining their own servers. With cloud computing, you don’t have to pay for your additional servers and hardware.

Less Maintenance

Enterprise cloud services often include maintenance in their offerings. As an attorney, your workday is too busy to worry about updating programs and patching software. The right cloud provider will automatically install all updates for you.

Greater Accessibility

With cloud computing, you and your authorized employees can access your data from any computer, in any location where you have internet access. If you need to work long hours outside the office, you can still access the IT resources you need remotely.

More Flexibility

Cloud computing services are often sold on a subscription and month-to-month basis. They are based on the number of users who access the solution. If your workload increases, you can up the number of subscriptions. If it declines, you can reduce them. on demand.

Security

Most cloud providers employ sophisticated security measures, so you don’t need to worry about client confidentiality. Also, their staff is trained and experienced in the implementation of security measures that align with current security risks.

Cloud computing offers many benefits for your law firm. Don’t let the potential risks stop you from experiencing those benefits. But you must mitigate your risks.

Review the ethical rules that apply to your jurisdiction and determine what type of cloud services would be best for your law firm.

  • Make sure you’re clear about the particular service you’re planning to purchase.
  • Where are the servers located?
  • How will the servers be used to process your data?
  • Make sure the service is reliable and secure.

If you’re ready to purchase cloud computing services be sure to review the proposed contract carefully.

Pay attention to the disclaimers of liability, intellectual property, confidentiality, and security provisions. Also, does the service provider have a robust disaster recovery plan in place? It’s critical to ensure that the cloud service provides alternative access to data in the event of a service outage.

The top two important risks to consider include:

Security Breaches

Does the cloud provider protect your data from unauthorized access or modification? Make sure you’re informed about any security breaches that affect your data. Discuss compensation in case a security breach is caused by the cloud provider.

Data Ownership

Read the contract and look for clauses that might give the cloud provider ownership of data stored in the Cloud. Make sure the contract acknowledges that your data is owned by your law firm.

The Cloud provider may offer recommendations for security measures. Your staff must understand these security measures and sign a written agreement to comply with them, such as the prohibition of shared passwords.

The Remedy: Ask Technology Solutions Provider to address these concerns and help you choose the right cloud solutions for your law firm.  

Law firms that want to compete in today’s technology-driven environment must depend on reliable, up-to-date hardware and software solutions. But, with the complexities and rapid changes in IT today, they’re realizing the need to also outsource IT services to experts like Technology Solution Providers, so they can focus on their core competencies, and benefit from increased security, innovation, cost savings, efficiency, and productivity.

Headache # 6– How to Keep Up with Ever-Changing Legal Technology Solutions

The digitization of legal documents and the use of use of electronic word processing, databases, and research software has gone mainstream today. Most law practices now manage case files by electronic means and rely on software programs to search, edit, track, archive and distribute documents.

From legal technology in the courtroom, in corporate environments, for paralegals, for electronic discovery, to BYOD solutions, and even for Artificial Intelligence, all of these enable you and your employees to do your job more efficiently.

But these technologies are ever-changing and evolving. How are you supposed to know which ones to use, which will provide the most benefits, and how to find the time to train your employees to use them properly and securely? How can you keep up?

The Remedy: Choose a Technology Solutions Provider who is adept at keeping up with today’s legal technology solutions and can help you select which are best for your unique requirements.

Technology helps today’s lawyer carry out essential tasks, exercise professional judgment, engage with and represent clients, provide advice and settle key commercial dealings. Those who view technology as an opportunity—rather than a threat—will prosper, and more easily reap the rewards from their efforts. Those who don’t will fall behind the competition.

Headache # 7– Lack of IT Talent

Even if you wanted to hire a full-time IT staff, the talent pool is quickly shrinking if you run a small practice. Even your larger competitors are having difficulty finding the IT talent they need to compete.

Most techs in the workplace lack the breadth and depth of knowledge and experience to stay up to date on today’s ever-changing technology resources. Plus, your law firm has very specific requirements when it comes to IT.

You need the expertise of an IT professional who understands your needs, work processes, regulations, the applications you use, and your unique technology challenges. One who knows the complexities you face and can help you improve the way you use technology by:

  • Automating routine legal transactions,
  • Assuring you can share and store documents securely,
  • Optimizing your work processes,
  • Deploying mobility solutions that keep data secure, and
  • Helping you capitalize on tools like electronic data discovery.

The Remedy: The only way to get this kind of IT talent is with a Service Level Agreement from a Technology Solutions Provider who specializes in Legal IT Services.

In Conclusion

Today’s law firms are moving to a Managed Services Model where their Technology Solutions Providers have the expertise and credentials to provide the proactive support they require to keep their IT systems secure and running at peak performance. When they do, they no longer suffer from the IT headaches that can put them at a competitive disadvantage.

Technology Solution Providers are helping law firms use technology efficiently and safely. The result? – Increased value from your technology assets, and no IT headaches for both you and your clients.

You Too Can Use Excel Like A Pro – Here’s Part 2 of Our Series to Show You How

With the 2016 version of Excel, Microsoft has really upped its game for people who aren’t great with numbers. You can now easily use one-click access that can be customized to provide the functionality you need.

This is the second of our three-part series about using Microsoft Excel 2016 to help you identify trends, construct helpful charts, and organize information to maximize the value of your data.

 

Did you know that you can use Excel Worksheets and Workbooks in conjunction with programs like Microsoft Access and PowerPoint? Excel 2016 possesses many capabilities that aren’t readily apparent. That’s why we’re providing this three-part series for you.

If you missed Part 1 of our series, you can find it on YouTube at: https://www.youtube.com/watch?v=zA8X9wqrn1I

In this, Part 2 of our series we’ll be discussing:

  • Working with Multiple Worksheets and Workbooks
  • Managing Lists
  • Working with Dates
  • Formatting and Conditional Formulas
  • The IF, AND and OR Functions

Why would you want to use Excel?

If you or your employees work with financial data, it’s a great tool to use for:

  • Basic mathematical operations like adding, dividing, and multiplying.
  • Finding values like profits or losses.
  • Calculations like averages, percentages and number counts.

Performing calculations in Excel is only the tip of the iceberg. There’s much more you can do like creating charts and graphical layouts to make it easier to recognize trends and more easily analyze data.

What is Excel and how is it organized?

Excel is an electronic spreadsheet program that’s used to store, organize and manipulate data. You enter data into Workbooks that are made up of individual Worksheets. In the Worksheets, you enter data into cells that are organized into rows and columns. Excel data can consist of text, numbers, dates, times and formulas.

Working with Multiple Worksheets and Workbooks

Before you build your worksheets and workbooks think through the process and ask yourself:

“How do you want to see and analyze the results?”

“How much detail is needed to draw a conclusion?”

“What is the most important data for decision makers?”

To access or create a Worksheet, go to the tabs at the bottom left of the screen and click the one you want to activate. Or use Control Page Up or Control Page Down to move among your Worksheets using the keyboard.

You can move or copy a worksheet by going to the tab, right-clicking, and you’ll be presented with a dialog box where you can select your function. You can move your worksheet to a different Workbook by entering its name in the space above.

Use the scrollbars on the right to make other selections like making a copy. Simply click the checkbox for the action you wish to take.

Working with Formulas Across Worksheets

You can calculate different formulas across a worksheet with what Microsoft Excel calls 3D formulas. 3D formulas allow you to calculate data throughout a workbook using multiple worksheets. It refers to the same cell (or range of cells) on multiple worksheets.

Think of a 3D formula as a cross-reference to data in a different Worksheet.

It’s a great way to build summaries and Master Worksheets to bring them together in one place. And it’s a must if your labels and data types vary between worksheets.

Here we want to bring in the formula from another worksheet to this one. We have three worksheets for our inventory costs. We have a breakdown for our Fruits Dept. But we want to bring in the costs for our Bakery and Meats. So, we go to the cell we’ve created, select =sum, hit the left parenthesis ( then navigate to the Bakery Worksheet tab at the bottom, click on the cell where we want the formula to appear and hit Enter. Then the inventory cost automatically appears.

All 3D formulas are based on this syntax: Sheet1:Sheet4!A2:B5.
If you copy or insert a new worksheet after Sheet1 the reference will automatically include it.

Similarly, if you delete a worksheet it will be excluded.

Consolidate Data

You can consolidate data from separate worksheets into one Master Worksheet. They can be in the same workbook or from other Workbooks. Let’s say you have a sales team and a worksheet with their weekly report data, and you want to consolidate this data into a monthly report. There are two ways to consolidate this data:

1. Consolidate by Position: This is when the data in the source areas is arranged in the same order and uses the same labels. You use this method to consolidate data from a series of worksheets that have been created from the same template.

2. Consolidate by Category: Use this method when the data in the source areas is not in the same order but uses the same labels. Here you consolidate data from a series of worksheets that have different layouts but have the same data labels.

We are only going to demonstrate Consolidate by Position because it’s an organizational best practice.

Here’s our example Workbook. Data is in the same order and uses the same labels.

Creating a clean master worksheet for this is best. But if you use a worksheet with pre-existing data make sure you have a blank area where the consolidated data can appear.

To start, click in the upper left-hand corner and click Consolidate. A window will open. By default, SUM will be your option, although there are others to choose from. Average is the next most common function people use.

Now we want to choose our ranges from each of the worksheets. We’ll collapse the Consolidate box and click on Week 1. Select the entire range.

Bring back the dialog box and add this week to the references.

Now, when you click on week 2 to do the same, it’s already pre-selected. Just click Add. And do the same for the next two weeks. Now you’ve told Excel what data you want to consolidate.

Creating Links

You must choose between automated and manual updates. If you want Excel to consolidate your worksheets automatically when you change data, you must tell it to do so by checking this box: “Create links to source data.”

Press OK and Excel will generate the consolidation. It’s up to you to format it the way you want. But you’ll only have to do this once if you used “create links.” If so, Excel automatically updates any changes.

Notes:

You can’t create links if the source and the data are on the same worksheets. This means it’s smart to group data into worksheets in smaller periods. In this case, we did it by weeks.

If the information you want to consolidate is in a different Workbook, you want to browse for that Workbook before you begin the consolidation process. Then you can select the reference in the same way we did above. Excel will create the path for you.

Linking Workbooks

Up to this point, we’ve been working in one Workbook with several worksheets. Just like we pulled data in from multiple worksheets, we can do the same with multiple Workbooks.

Remember our 3D formula? When this same type of linking crosses over to a different Workbook it’s called an “External Reference.” Sticking to our Sales worksheet example, you may have a Workbook for each month or each year.

We now want to compare how our Sales Team did month to month instead of week to week. We are going to add a link to last month’s total. Just like before: select =sum, hit the left parenthesis ( and navigate to the Workbook you want. (Here’s it’s the Monthly Sales Workbook.)

You’ll see that single quote marks have been added to the syntax. This is because there is a non alpha-numeric character in the name (space). You’ll need these when links are broken as well.

Here’s how to do it in the opposite way. Start in your first file, go to copy or Control C.

Go back up to Conditional Formatting and grab your Workbook and do a “Paste Special.”

And down at the bottom left click “Paste Link.”

And here it is.

Managing Lists

Excel lists don’t typically use formulas. They use filtering and sorting instead. So, it’s important that lists have column headings and that there are no empty rows in your lists.

First, we’ll do a simple sort: From the list below, we’re going to organize who had the most wins.

  • We click the column header for Wins.
  • Go up to Sort & Filter in the top right and sort from highest to lowest.

Next, we’ll sort by multiple columns:

Select your columns.

Go to Sort & Filter > Custom Sort

And we’re going to sort by Earned Run Average (ERA).

You can see below that it worked. (ERA sorts smallest to largest because a smaller number is better.)

Auto Filtering

This is how you can include or exclude any row data.

Select any column or header and under Sort & Filter choose Filter.

To the right of any column header there’s a drop-down menu.

We’re going to see who was selected for the HOF (Hall of Fame.)

Click the drop-down and deselect everything.

Then choose Y (for yes).

Click OK and now you’ll see just the players who were selected for the Hall of Fame.

The Filter Icon is an easy way to see that a column is filtered.

Now we’ll customize the filter by Strike Outs.

Click the drop-down next to Strike Outs.

Choose Largest to Smallest.

And now the list is ordered by Strike Outs.

We want to see how many Wins they had. Go to the Wins and click the drop-down menu. Under Number Filters.

Choose Less Than and enter 20 > OK

Now we see the pitchers who won less than 20 games.

Sum Up Totals

Click in the cell where you want the Sum to appear and choose AutoSum>Enter.

And if you decide to take off all the filters, the Sum will recalculate automatically.

Working with Dates

Dates and times are the most common functions people work within Excel, but they can be frustrating because Excel uses a serial number to represent a date instead of the typical 01/02/18 format and hours, minutes and seconds that we’re used to. It’s further complicated because dates are days of the week.

For example, In this system, the serial number 1 represents 1/1/1900 12:00:00 a.m. Times are stored as decimal numbers between .0 and .99999, where .0 is 00:00:00 and .99999 is 23:59:59. The date integers and time decimal fractions can be combined to create numbers that have a decimal and an integer portion. For example, the number 32331.06 represents the date and time 7/7/1988 1:26:24 a.m.

The Date Function will help. It’s on the Formula part of the Ribbon under Date & Time.

The TODAY() Function and the NOW() Function

The TODAY function returns the serial number of today’s date based on your system clock and does not include the time. The NOW function returns the serial number of today’s date and includes the time.

Here we are using the Today function. Excel will always use the exact date. The Today function is useful for calculating intervals. You might use this function to calculate someone’s age.

For example, we entered =YEAR(TODAY())-1965

And the age Excel came up with is 53.

TODAY always had the () following it.

The NOW () function is useful when you need to display the current date and time on a worksheet or calculate a value based on the current date and time, and want that value updated each time you open the worksheet.

Formatting Dates

This is found on the Home Ribbon.

Under DATE you can see many ways you can display your information.

Formatting and Conditional Formulas

Conditional formatting highlights important information in a spreadsheet. But sometimes the built-in formatting rules aren’t enough. Adding your own formula to a conditional formatting rule helps you do things the built-in rules can’t do.

Here we want any ERA lower than 2 to be highlighted in red.

Highlight the column and click on Conditional Formatting.

We selected Cells Less Than 2.00

The IF, AND, and OR Functions

IF

The IF function helps you make logical comparisons between a value and what you expect. For example: IF(Something is True, then do something, otherwise do something else)In this sense an IF statement can have two results. The first result is if your comparison is True, the second is if your comparison is False.

Below we’re going to determine our WINNER based on a calculation of IF:

Based on our IF formula, Chester is our WINNER!

OR

Use the OR function, to determine if any conditions are TRUE.

Here we use a formula that tells us if someone is SAFE or FIRED.

That’s it until next time! To View this Demo on YouTube visit:

https://www.youtube.com/watch?v=ONeVQplb_bM&feature=youtu.be

To View Part One of this Series, visit: https://www.youtube.com/watch?v=zA8X9wqrn1I

You’re In The Path Of The Hurricane – Are You Ready?

Weather is unpredictable, and this is clear every time a meteorologist gets the forecast wrong! Do you have a contingency plan in place for your organization to be ready on a moment’s notice?

Hurricane Preparedness

Ah, the weather. The weather decides the fate of so much of what we do. Going to a backyard BBQ this weekend? There’s a good chance of rain, so you may want to check if it’s still scheduled. Heat wave coming? Better re-think that marathon and consider a movie marathon instead. Planning an outdoor wedding – maybe on the beach – in June? You probably want to have a backup plan in case of a hurricane!

But seriously, major storms happen. The reality is the projected path of a storm isn’t set and can shift at any time, putting any of us right in its path, whether a hurricane, a tornado, a nor’easter, flash flooding, or anything in between. With every inch of the globe susceptible to major storms, emergency preparedness is important.

Are you prepared?

Businesses along the coastal United States are aware that hurricane season is predictable. Every year from roughly May through the end of November, though the actual timing varies, it’s expected that a handful of hurricanes will impact life, and force us to consider everything from emergencies to contingencies.

  • Each year, an average number of 13 major storms, like hurricanes and tropical cyclones, impacts the North American coastal regions. Some storms, like Hurricane Katrina in 2005 and Hurricane Sandy in 2012, or more recently Hurricane Harvey in 2017, cause tens of billions of dollars in damage.

There are also storms that aren’t classified as major based on environmental impacts, but these still have the potential to impact daily life, especially with damage, power outages, and even temporary flooding. Some cities essentially shut down for days, or even weeks, after the winds calmed, the waters receded, and the sun shone again.

Insurance companies are quick to estimate damage regarding losses, including homes, cars, furniture, and personal items like clothing. Cities and utility companies can speak to the time estimated for restoring power to communities, and critical needs like clean drinking water and medical care. Organizations like the American Red Cross are quick to assist with food and clothing and personal care items like toothpaste and other hygiene help like mobile showers. The list goes on!

There is no “average cost per storm” because the number can’t be quantified. The cost of infrastructure damage is estimated for each instance, yes, but how can you determine the average impact of an occurrence with so many variables and so little that can be predicted?

If a storm or natural disaster affects the power grid, utility companies try to offer estimates until power is restored, yes, but the outage is felt with much deeper impact. Without power, a family loses lighting inside and out (from the bathroom overhead light to the streetlamps that offer guidance in the dark), but also the power to the refrigerator and stove for basic needs like meal preparation. From the commercial standpoint, a business losing power faces the same issues with the refrigerator in a break room, but much more critical items that may be impacted are digital elements like computer servers, email, and communication, as well as file access and data storage.

Even “low-tech” companies feel the crunch. Grocery stores that lose power have to dispose of all frozen and refrigerated items, representing thousands of dollars in revenue lost. When can power be restored? When can deliveries be made to replenish? When can petroleum stations resume fuel sales? When can families shop refill supplies for home? When can electronic payment transactions resume? Those “low-tech” companies are the same companies that supply resources to “high-tech” firms, like basic office supplies for daily operations. Everything is mutually reliant!

Preparedness is key. What can businesses do to protect themselves in case of a situation like this?

  • Know your risks.
    • Floods, lightning, hurricanes, tornados, extreme heat, tsunamis, landslides, fires and wildfires…a few of these may seem highly unlikely, but the more detailed your list is, the better prepared your business will be. Don’t wait until the flood waters are at your door, or a tornado watch has been issued, or a wildfire is encroaching and emergency services are banging on your door with evacuation orders and it’s too late!
  • Know your warning systems.
    • Local news and weather stations will be the most likely places to inform the immediate community, but these aren’t always the most accurate or reliable sources for information. A “weather radio” is a great investment, and preferably one by NOAA: The National Oceanic and Atmospheric Administration, a nationwide network of radio stations that broadcast continuous weather information from your closest National Weather Service station. Think about this: hurricanes give notice, but tornados don’t!
  • Have a communication plan.
    • If your organization is more than just you, have a plan in place with multiple methods to contact each person so that everyone can be reached. Is everyone safe? Does everyone know what is needed and expected of them, and if the workforce needs to be completely distributed until the eye of the storm passes?
  • Have a backup plan.
    • While more and more brands are moving to the cloud for data and file storage if any files or records are stored on-site or at a location where storms or natural disasters may impact operations, have a backup plan in place. By this, we mean have a plan to back up your data with a plan in place to safeguard this data. This plan could potentially eliminate your brand’s downtime, which directly translates to minimizing loss of revenue and maintaining continuity of processes.
    • Whose responsibility is it for maintaining these back-ups and contingencies, and what methods are in place for data or access restoration?
  • Protect yourself.
    • What safeguards do you have in place for both physical and digital protection during times of extreme situations? Nobody enjoys spending time worrying about the safety of an office or if their network is secure. Now is the time to assess these safeguards and update to minimize your overall risk.

Storms and natural disasters are not the only dangers we face that require contingency plans.

  • Did you know that cybercriminals have attempted to gain control of major infrastructure elements in the United States, like the power grid, systems that control water supply, aviation communication and control, and more? These threats give no warning but require equal efforts on your part for safeguard measures. What can you do in situations like this? The same list above applies!

Don’t wait until cybercriminals, weather, or a natural disaster is looming; make a plan now to be prepared IF something should happen and stay ahead of the proverbial storm. Steps you take now may well be the difference between survival and suffocation. Your contingency plan may just save your professional life!