Data Regulation and your Business: Data Protection Laws

Data Regulation and your Business: Data Protection Laws

Data Regulation and your Business: Data Protection Laws

Small firms are probably aware that there are laws regulating the handling of data, but they probably assume that these apply only to larger firms and that they are too small to have any data that is worthwhile or protected under state/provincial or federal laws. Think again. Data protection laws generally worry about the content of your data, not the volume of it. That is, you don’t need to have “tons” (not the technical term) of data to be to regulated by data privacy laws. If you maintain personally identifiable information (PII) you may be regulated by these laws which may include penalties and fines for non-conformance. PII means you store a person’s first name/initial, last name and then link it to another piece of personal information, such as, but not including:

  • Social Security Number
  • Driver’s license, or state ID
  • Passport
  • Some financial account number, e.g. credit/debit card, checking account, etc.
  • Health insurance ID

You are very likely required to observe regulations regarding protection of that data, and reporting of data breaches.

This isn’t an issue for the faint of heart. Contact Net DirXions your managed service provider with expertise in your specific industry or field of business to make sure you are in compliance. Failure to maintain compliance can lead to some very expensive fines and penalties.

A security hack doesn’t have to mean the end of your company!

A security hack doesn’t have to mean the end of your company!

Statistics are showing that each year over 50% of small firms are victims of a cyber attack or data breach. Why does this matter? Most smaller firms have not prepared business continuity plans to keep their IT infrastructure going in the event of an attack. Failing to do so often leads to the failure of the business. Delaying the creation of a business continuity plan is a bit like a younger person delaying writing a will, on the grounds that they are not likely to die soon. That may be true, but if the worst occurs the consequences can be severe for their heirs.

If the chance of a breach that could compromise your data or cripple your IT infrastructure is over 50%, there is every reason to immediately develop plans for how your business could maintain operation in the event of an attack on your IT systems.

This is an effort that shouldn’t be delayed. Contact Net DirXions, Inc to help you develop a complete and holistic business continuity plan immediately. Your income and your future depends upon it.

Business Natural Disaster Survival Guide: Building Fire or Flood

Business Natural Disaster Survival Guide: Building Fire or Flood

With the devastating fires in California this month,  every business has to prepare for the worst. Those that don’t may never fully recover from a disaster. But not all disasters are created equal. And not all businesses are at risk for every kind of disaster. That’s why we’ve put together this quick Disaster Survival reference guide to help you ensure that your business can keep operating even if a natural disaster strikes. 

BUILDING FIRE OR FLOODING

Description: Fires or floods within an office or building can range from small incidents of short duration to the complete destruction of the facility. 

Potential impact: Even a relatively small fire/flooding incident can have a very disruptive impact on a business. For example, a small fire in an office on an upper floor can result in the complete flooding of computers and telephone systems in the offices below as the building’s sprinkler systems kick in and firefighters seek to extinguish the blaze. Similarly, even a relatively limited amount of water leaking from a broken pipe or valve can put some or all of a business’s technology infrastructure out of commission. A large fire, of course, can force a business to have to relocate all of its operations temporarily or permanently. 

Risk factors: There are approximately 100,000 commercial building fires in the U.S. per year, according to the National Fire Protection Association. Those at highest risk include manufacturing facilities, as well as offices located above or in proximity to restaurants because cooking is a primary cause of non-residential structure fires, just as it is in homes. 

Warning times: Water damage from failed plumbing, sprinkler systems, etc. can short-circuit electronic equipment with zero warning. However, building alarm systems typically give employees a few minutes to shut down critical systems and evacuate the premises. 

A large fire, of course, can force a business to have to relocate all of its operations temporarily or permanently.  

Technology Continuity: 

As noted above, the severity and length of business disruptions caused by fires and flooding can vary considerably. 

To be prepared for extended or permanent facility damage, businesses should: 

• Maintain continuous off-site backup of data, applications, and server images. 

• Have arrangements in place for re-routing incoming calls to an alternative site and/or to employees’ mobile phones. 

• Prepare an emergency posting for the company website that can be activated immediately and progressively as the consequences of the event unfold. 

Prepare an emergency posting for the company website that can be activated immediately and progressively as the consequences of the event unfold. 

People Continuity: 

Because building fires and flooding only affect individual structures (or, at worst, just a few adjoining ones as well), businesses impacted have a lot of options for keeping people productive. Business Continuity plans should include: 

• Arrangements in advance with a nearby shared/furnished office space provider, hotel, college, or other facility for an immediate/temporary operations command center. 

• Next-day workspace provisioning in another company facility, emergency failover “cold site,” or at home personal desktops/laptops with appropriate call forwarding. 

• Internal communications for keeping employees updated on resource availability, recovery status, etc. • Any necessary third-party contracting for shipping/receiving, mail processing, duplicating, etc. 

Process Continuity: 

Again, because building fires and flooding are highly localized, they typically only disrupt processes that touch a single company location. Business continuity plans therefore need to provide for alternative locations and means to perform actions such as: 

• Answering phones

 • Processing orders 

• Issuing invoices 

• Signing checks 

• Filing reports required by regulatory mandates 

Businesses may also seek policy provisions that address work done from home or other locations while the facility is under repair (and/or a new location is secured) as well as business losses that may occur despite best–effort BC planning and execution.

Insurance Considerations: 

A properly insured business should have a policy that covers the expenses above, in addition to the physical damage directly caused by the fire or flood. Businesses may also seek policy provisions that address work done from home or other locations while the facility is under repair (and/or a new location is secured) as well as business losses that may occur despite best-effort BC planning and execution 

Don’t steal… It isn’t nice and makes you vulnerable to security hacks

Don’t steal… It isn’t nice and makes you vulnerable to security hacks

 

Don’t steal. It isn’t nice. And… it makes you extremely vulnerable you security hacks if you “steal” software packages. Smaller firms often will use unlicensed software packages to save money. This is especially true if they only need a program for a specific task. Aside from the legal and ethical issues involved here, there is a very selfish reason not to do this. Software providers are constantly sending users updates to their programs, and those updates aren’t just about features. They include fixes to security holes and protections against specific new viruses that have been discovered. So, the longer you have an old, outdated software program on your PC or laptop, the more vulnerable you become. Is it really worth saving $200.00 when your entire business’s IT infrastructure could be put at risk? We suggest not.