Categories
Business Cybersecurity

Don’t be part of the 43…

IT Security… It seems like every other day we hear about an IT Breach from a major business in the U.S. but the fact is 43% of breaches occur in small businesses. Given that a breach could cost you, on average, $160 PER RECORD, it is vital that your small businesses take appropriate steps to mitigate the risk of a breach.

Verizon released its 2019 Data Breach Investigations Report which shows some startling facts. A third of the breaches surveyed involved social engineering and another 28% used Malware in the attempted breach. Of the 90 incidents included in the survey related to the retail vertical, 70 resulted in a breach… a 78% successful breach rate is remarkable. The hospitality industry was similarly vulnerable at 75%. Across the business landscape are similar metrics: Education-32%, Finance-34%, Manufacturing-30% and on and on. In 24% of the breaches, Ransomware was used. This is not to mention the growing trend of crypto mining (using breached computers to mine for cryptocurrency like Bitcoin).

The problem is, most people look at the cost of deploying protections for their business as ‘too much money for so little risk.’ They think because it hasn’t happened yet or because they are ‘too small’ or any number of equally wrong ideas that it won’t happen to them. But the fact is, if it DOES happen, you could be out of business ‘Tout suite.’ You might be thinking to yourself, ‘But I am insured. I’ll be ok.’ If so, you should re-read your policy and look for the due diligence clause which says, basically, If you don’t do all you can reasonably do to protect the data in your possession, they won’t payout for the breach.

Cybersecurity doesn’t have to be ridiculously expensive or intrusive. A little education and the proper application of some expertise can make the difference between a major inconvenience and a catastrophic failure for your business. And now for some shameless self-promotion…

Daedalus Digital can both educate you in how to avoid falling prey to these schemes and help harden your systems in the event that they do occur. Give us a call and we’ll make it as painless as possible… promise.

Categories
Business

Stormclouds

The Cloud’ … We hear the term used on a near constant basis in today’s business environments. Cloud-based applications are everywhere and offer nearly every imaginable service. It is billed as the best solution to any given problem. You pay a fee to a third party, which is less than the cost of doing it yourself, and they store your data or process your data or keep your data secure. This, in my opinion, is both the great boon and the great bane with ‘The Cloud.’

My own reluctance to fully embrace ‘The Cloud’ is well known in the circles I frequent. Don’t get me wrong, The Cloud has great utility. It can provide access to better and more powerful tools than smaller businesses might otherwise be able to afford. It allows larger companies to hand off risk and even out costs over time. Admittedly, the judicious use of ‘The Cloud’ can help businesses be more efficient and more productive. But there is a BUT…

Cloud-based systems hand control over your data/processing/storage to someone else. It adds a layer of abstraction between you and your hardware/software/security. We simply assume that the cloud provider is better than we are at everything. Their security must be better, their talent must be better, their resources must be better. That is why we should move to the cloud, yes? Unfortunately, that is not always (or even most of the time I argue) the case.

Just today Google (100k employees producing $136B in revenue) announced the discovery of a bug that allowed passwords for G-Suite Enterprise accounts to be stored in plain text… for FOURTEEN years… Think about that for a minute. G-Suite wasn’t officially released until August of 2006. Google did not say how many users were affected but as of January of 2017, there were around 4 million paying business customers for the platform. To be fair to Google, passwords are only one of the measures used to keep and maintain security over their product but if this bug went undetected for 14 years what other bugs might yet be undetected? Hopefully it won’t be another 14 years before we find out. Lest we think this was a one off event: Both Twitter and Facebook (and oh so many more…) had much worse events where hundreds of millions of user passwords were either hacked or stored in plain text.

The obvious question then becomes ‘So what am I supposed to do?’ To be honest; that is the same question I am currently struggling with. It seems the choices are to keep things in-house and risk losing out on opportunities that come my way or risk my secret sauce and trust that my vendor is doing it right and protecting my data and processes properly. I think the answer lies somewhere in Rule #6 (part of an upcoming series; stay tuned) which states “I believe my company’s success is my responsibility. I understand that being ‘compliant’ does not mean I am safe.”

Categories
Business

Disaster Preparedness and You

Windows - Blue Screen of Death
The infamous Windows Blue Screen of Death

Businesses today run on information; contact information, sales data, inventory, production, and on and on… We collect this data and store it in the hopes that it will provide insights that make us better, faster, stronger.

In 2018, nearly four hundred million hard drives were sold worldwide (Global Shipments of hard disk drives (HDD) 2010-2018 | Statistics, 2019). At an average drive capacity of two and-a-half terabytes we are adding around an exabyte (a billion terabytes) of capacity every year, a staggering number to be sure.

The good folks at Backblaze, a California-based online storage provider, have graciously published hard drive performance for the last five years. If you are thinking about buying a hard drive, I encourage you to take a look there. What we see is an average annual failure rate, across the various drives, of about 5%.

Consider this: at a 5% annual failure rate we are looking at nearly twenty million hard drive failures each year. Statistically you have fairly good odds of avoiding a failure but 5% is not insignificant. Over the next two years your odds jump to around 8% and by year 4 nearly 20% of all drives will fail: 20%… 1 in 5 drives won’t last 5 years. Do you like those odds? I know I don’t.

This is why it is literally vital to your business to backup your data. Using a service like Backblaze, a private cloud platform, or even backing up to a secondary local device, can provide security to your business and prevent a catastrophic loss of data like your customer and sales lists, inventory levels, and accounting.

Shameless plug: We can help you identify the right solution for your needs and budget. Give us a call and let us help you.