Statistics are showing that each year over 50% of small firms are victims of a cyber attack or data breach. Why does this matter? Most smaller firms have not prepared business continuity plans to keep their IT infrastructure going in the event of an attack. Failing to do so often leads to the failure of the business. Delaying the creation of a business continuity plan is a bit like a younger person delaying writing a will, on the grounds that they are not likely to die soon. That may be true, but if the worst occurs the consequences can be severe for their heirs.

If the chance of a breach that could compromise your data or cripple your IT infrastructure is over 50%, there is every reason to immediately develop plans for how your business could maintain operation in the event of an attack on your IT systems.

This is an effort that shouldn’t be delayed. Contact Net DirXions, Inc to help you develop a complete and holistic business continuity plan immediately. Your income and your future depends upon it.

With the devastating fires in California this month,  every business has to prepare for the worst. Those that don’t may never fully recover from a disaster. But not all disasters are created equal. And not all businesses are at risk for every kind of disaster. That’s why we’ve put together this quick Disaster Survival reference guide to help you ensure that your business can keep operating even if a natural disaster strikes. 

BUILDING FIRE OR FLOODING

Description: Fires or floods within an office or building can range from small incidents of short duration to the complete destruction of the facility. 

Potential impact: Even a relatively small fire/flooding incident can have a very disruptive impact on a business. For example, a small fire in an office on an upper floor can result in the complete flooding of computers and telephone systems in the offices below as the building’s sprinkler systems kick in and firefighters seek to extinguish the blaze. Similarly, even a relatively limited amount of water leaking from a broken pipe or valve can put some or all of a business’s technology infrastructure out of commission. A large fire, of course, can force a business to have to relocate all of its operations temporarily or permanently. 

Risk factors: There are approximately 100,000 commercial building fires in the U.S. per year, according to the National Fire Protection Association. Those at highest risk include manufacturing facilities, as well as offices located above or in proximity to restaurants because cooking is a primary cause of non-residential structure fires, just as it is in homes. 

Warning times: Water damage from failed plumbing, sprinkler systems, etc. can short-circuit electronic equipment with zero warning. However, building alarm systems typically give employees a few minutes to shut down critical systems and evacuate the premises. 

A large fire, of course, can force a business to have to relocate all of its operations temporarily or permanently.  

Technology Continuity: 

As noted above, the severity and length of business disruptions caused by fires and flooding can vary considerably. 

To be prepared for extended or permanent facility damage, businesses should: 

• Maintain continuous off-site backup of data, applications, and server images. 

• Have arrangements in place for re-routing incoming calls to an alternative site and/or to employees’ mobile phones. 

• Prepare an emergency posting for the company website that can be activated immediately and progressively as the consequences of the event unfold. 

Prepare an emergency posting for the company website that can be activated immediately and progressively as the consequences of the event unfold. 

People Continuity: 

Because building fires and flooding only affect individual structures (or, at worst, just a few adjoining ones as well), businesses impacted have a lot of options for keeping people productive. Business Continuity plans should include: 

• Arrangements in advance with a nearby shared/furnished office space provider, hotel, college, or other facility for an immediate/temporary operations command center. 

• Next-day workspace provisioning in another company facility, emergency failover “cold site,” or at home personal desktops/laptops with appropriate call forwarding. 

• Internal communications for keeping employees updated on resource availability, recovery status, etc. • Any necessary third-party contracting for shipping/receiving, mail processing, duplicating, etc. 

Process Continuity: 

Again, because building fires and flooding are highly localized, they typically only disrupt processes that touch a single company location. Business continuity plans therefore need to provide for alternative locations and means to perform actions such as: 

• Answering phones

 • Processing orders 

• Issuing invoices 

• Signing checks 

• Filing reports required by regulatory mandates 

Businesses may also seek policy provisions that address work done from home or other locations while the facility is under repair (and/or a new location is secured) as well as business losses that may occur despite best–effort BC planning and execution.

Insurance Considerations: 

A properly insured business should have a policy that covers the expenses above, in addition to the physical damage directly caused by the fire or flood. Businesses may also seek policy provisions that address work done from home or other locations while the facility is under repair (and/or a new location is secured) as well as business losses that may occur despite best-effort BC planning and execution 

One thing smaller firms and individuals are often reluctant to do is download updates to their operating systems and individual apps and programs. Why? Well, because it takes time and you have to reboot the device. Other reasons are a fear that the newest update will have a bug and cause problems. The perception is that it is better to wait a few weeks. Finally, there is a fear that anytime you update a program or OS, something always starts acting weird.

All of these may have a certain legitimacy. Even procrastination has its defenders. But why should you download updates ASAP? Because they are not only about new features and a new gadget – they include patches to security issues that have been identified. One of the easiest ways to protect yourself from hacking malware and other nefarious online viruses is to always update your software. Do it the day the update comes out, because it may be released specifically due to the discovery of a brand new malware or ransomware hack.

Everyone talks about security. Be the person who acts. It is easy.

The cloud refers to using off site computing resources and storage to supplement or even replace the use of on-site/in-house resources. Instead of buying hardware and software to support your business, you are basically outsourcing this set of tasks.

There are 4 benefits for the small firm and today we will look at the first 2.

Elasticity – With onsite computing, if you need additional capacity you have no choice but to purchase that capacity in discrete steps, which means bearing the costs of being over-capacity for a period of time until growth catches up. Onsite computing also means you must have the capacity to handle your own peak computing and storage demands, and resources may go underutilized much of the time. The cloud allows complete elasticity in the utilization of computing resources. You buy only what you need, as you need it. You can grow or downsize as the business demands.

Pay as you go – On-site hardware involves significant capital expenditures. The cloud allows you to pay for only what you use. The cloud also allows you to benefit from economies of scale that aren’t available using the in-house model. Labor, equipment and maintenance expenses are shared across a vast pool of users.

In the next few weeks, we’ll return to this subject to look at other ways the cloud brings efficiencies to your technology infrastructure that you could never achieve on your own.

Recently, we talked about ways the cloud brings value, business protection, and economies of scale to the smaller firm that they could never achieve by themselves. Today, we look at a final benefit of the cloud.

Protection against on-site disaster – If a disaster strikes your physical business location, on-site resources can be damaged, destroyed, or become inaccessible for a period of time. Even if it isn’t a major disaster, if you have a failed server your business could be down for an extended period. When everything occurs in the cloud, you are vaccinated against this type of business calamity. You can still access and use computing resources from anywhere.

In summary, left entirely on its own a small firm just does not have the resources and capital to fully support its own technology infrastructure. The cloud turns that upside down, enabling firms to enjoy the benefits of a fully supported tech foundation without levels of expenditures that are just not feasible for smaller operations.

Many small firms are pretty busy handling their own business, and don’t give much thought to what they would do if a natural disaster from a bad snowstorm to much worse hit their physical location and cut power, or physical access to the building. What if the equipment storing all of your data and software needed to run day to day operations became inaccessible? What would happen to your ability to continue to serve your clients or customers?

Though we call it the cloud, with images of gray skies and rain, the cloud can be a ray of sunshine. It is an excellent and cost effective resource for smaller firms to make sure they maintain 24/7 access even in bad weather. Because everything is maintained off site, you can (1) bypass disruption or damage that may have occurred at your physical site, and (2) access what you need to keep your business functioning from any remote location.

Small firms need to realize they are most vulnerable to business disruptions, as they have less capital and fewer resources to carry them through a bad period. The cloud represents a simple and value driven resource to address business continuity issues that could turn a small firm’s business upside down.

If you’ve been following the news, the Internet of Things (IoT) is getting increasing attention. You’re probably also thinking this is some Silicon Valley fancy thing that will take years to reach the rest of us.

Not really. You probably already have some items of your own tied into the Internet of Things.

First of all, what is the IoT? Simply, it is any object that collects data about itself or its surroundings, and then transfers that data across a network to some other object, which can then make use of that data. For example, if you have a baby monitor that sends crib pictures from upstairs to your phone, you’re tied into the IoT.

But what about business people? Where is it showing up in the workplace? You may have security cameras tied to a network where they can be monitored by a PC or phone. A front door lock that can be remotely opened via phone. A thermostat that can changed by the same phone. Internal lights that go on when you phone approach. All of these are part of the Internet of Things.

If you have questions about whether being tied into IoT presents a data security issue or hacking threat, you should contact a service consultant to discuss these issues. Headlines are now appearing about hacking into the IoT for nefarious purposes. It is a good idea to stay ahead of the curve because as a business, data is a revenue-critical issue. Seriously, you don’t want the front door telling someone your client’s private data.

Any business that stores customer payment information must comply with a number of state and federal regulations. The legal, healthcare, and financial sectors have a number of laws tailored specifically for them (such as HIPAA or CISPA). If you run almost any kind of professional practice or agency you probably have very specific data security requirements. Running afoul of these regulations puts you at risk for legal action and probably means that you have bad security in place.

As a professional, your focus needs to be on your clients and running your firm. Regulatory requirements to ensure data security can be complex and include rigorous testing requirements. Ensuring compliance with the regulations can be a serious distraction for you and take you into territory where your experience is limited.

One of the best solutions is to work with a third party who has strong credentials in the area of regulatory compliance and data security. When you are working with a third party to set up security or data storage, make sure that they have experience working in your industry. Finding a service provider with experience in your profession can give you peace of mind knowing that you can focus on running your business without the distraction of ongoing technology concerns.