You cannot go a day without reading about some big name company or even government agency being hacked and critical data being compromised. What you don’t see in the media is that most of the attacks happen to small firms, and that this is where a lot of the cybercrime is occurring.

What any business, but especially a small business, needs to be afraid of are cyber attacks that disable your operations, disrupt customer interaction, or breach your customer’s personal data. Contrary to what one might expect, smaller firms are far more likely to be targets of hackers than large firms. They are also likely to have less sophisticated security measures in place. Any firm’s existence can be threatened by these events, but smaller firms are often unable to rebuild after a major breach.

Studies show that customers are less forgiving of smaller firms than larger ones when their personal data has been compromised. The lesson here is that smaller firms are more vulnerable and need to be extremely vigilant.

Each month your management team should review/discuss the components of the cybersecurity program and the business continuity/resiliency plans.

Why do so many people procrastinate about making a will? Why is it so hard to get young people to buy health insurance? Because it is one of those “probably won’t happen–at least in the foreseeable future, and I‘ve got more interesting things to worry about or spend my money on” issues.

Small business owners tend to take the same approach to making business continuity plans in case of a disaster. They are usually fully consumed just running the business and keeping revenues steady and growing. Diverting energies and resources to a “what if” scenario just isn’t an imperative.

There are affordable, effective tools out there that will allow any smaller firm to develop effective business continuity plans, but they only work if you take action. Our best advice to overcome denial? Think of this scenario: If something happened right now and your entire operation came to a halt because of a cyber attack, a power failure, data loss, or a single point of failure hardware event, what would you do? Do you even know who you would call in for help?

It can be a scary thought, but one that merits your attention. Talk to Net DirXions about a proposal to develop a complete business continuity plan. You owe it to yourself and to all the employees who rely on your for their livelihood.

On the never ending problem of cyber security, small firms often do not have any/much in-house IT support. As a consequence, they may be less likely to be able to make sure their software is consistently updated to reflect any patches released by the product’s maker. This simple oversight, deliberate or not, is a major source of data breaches and ransomware attacks.Think back many years to when Microsoft pulled the plug on maintaining Windows XP. Many users refused to upgrade because there were afraid of losing compatibility with other software programs, the unintended consequences of moving to a new OS, or just not being sure how to install an upgrade. Whatever the issue, it meant those users had an operating system that was no longer updated to reflect the latest security fixes. Their operating system became an unlocked gate.

 You may not be scared of technology, but as a small business owner, tracking the release of new updates or taking the time to install them as soon as they come out probably just isn’t a priority. You have a business to run. Adding to this problem, you may also allow your employees to use their personal laptops, mobile devices, and tablets for work duties. If that is the case, then every program on each of those devices is subject to the owner’s willingness and ability to update everything in a timely fashion. If any single device accessing your corporate files and data misses a security patch and is breached, so is your business.

 The lesson here is that you need to take action to implement a company-wide process for maintaining all of your software applications so they don’t become an unlocked door in the middle of the night. A managed service provider can develop a plan to address update and security fixes on all the devices that access your data. It can be more than a small business owner can handle, so instead of ignoring the problem, reach out to find real solutions that will protect your business.

Every business, small or large, has 3 basic levels of technology support needs.

1. Make sure it works - Every organization, from enterprise to not-for-profit, needs IT staff who are able to offer routine maintenance and support, including the updating of hardware and software, handling maintenance, and putting out daily fires.

2. Make sure it works when needed - Technology supports business activity 24/7. Even when everyone in a small business has gone home, there are periodic non-negotiable staff needs at unpredictable times.

3) Make sure it helps make you more money - This top tier is the most important. This is the support that is helping you to proactively manipulate technology to improve revenue.

Download our full White Paper Here.

In our last blog, we explained what ransomware is, and why it can be an especially troublesome virus. Today, let’s look at what you can do to avoid falling victim.

Prevention is the best cure. Follow standard “data hygiene” principles that you probably hear about all of the time. Update your OS, software, and apps whenever a new release or patch is released. Do this ASAP. Some patches may be released solely as a result of the discovery of a vulnerability. Watch out for phishing scams. If anything looks “off” about an email, don’t open it. And never open links you aren’t totally sure of. If unsure, email back to the sender to verify they actually sent you a link. Unfortunately, human error is one of the biggest problems for data security. Employees unwittingly open links received via email or download information from insecure websites.

Beyond prevention, the most important thing you can do to make sure your data cannot be held ransom is strictly adhering to a regimen of backups. Routinely backup your data. However, with ransomware, even backups may not be foolproof. If your data has been infected and you are unaware of it, or the backup is not segregated from your network, your backups may also be corrupted. Given the severe consequences of a ransomware attack, consider having a security evaluation done by a managed service provider who will have the security expertise to advise on the best backup protocols for your situation. Ransomware presents some unique challenges that require more sophisticated data protection protocols. Contact a managed service provider for a complete security evaluation.

The daily reports of cybercrime are important reminders about the need to protect your business from malicious behavior that could threaten the success of your business. There are so many different things that can attack your computer, steal your data, and wreck your day. One of the most troublesome has been the development of ransomware. (FYI. Ransomware isn’t actually all that new– some version has been around for decades)  Ransomware is a type of computer virus that takes your data hostage and like any kidnapping scheme, demands money for the release of your data.

Why is ransomware so nasty? Because it steals the most important thing your business possesses. Data. Worse, once infected there isn’t generally a way out. No one can “disinfect” your machine. You aren’t going to be able to call in IT support to solve the problem. Basically, you have three options.

1. Pay the ransom. This payment is usually via credit card or bitcoin (a digital currency). Some ransomware viruses even provide help lines if you’re having trouble. Of course there are no guarantees your will get access to your data–these are thieves you’re dealing with.

2. Don’t pay and lose your data – This has its obvious downsides, unless…

3. You have a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making backups may not be sufficient to protect your data, as the backups can be infected also. In the next blog, we will address your need to add an additional layer of protection to handle ransomware attacks.