About Sandra Viveiros

This author has not yet filled in any details.
So far Sandra Viveiros has created 128 blog entries.

Protect Your SMB & Non Profit from Inner & Outer Cyber Attacks

By |2019-07-10T16:03:55-04:00July 10th, 2019|Dark Web Monitoring|

We know what your thinking…

“Why would a hacker want my small to medium business or non-profit? Why would they go after me?”

Considering that you think this way, is why you’re a bigger target. Being an SMB’s or a non-profit makes you more of a target because you have an assumption that you won’t be attacked. The statistics back up all the information:

43 percent of cyber attacks target small business. 60 percent of companies go out of business within six months of a cyber attack. 48 percent of data security breaches have been done with malicious intent.[1]

As a small organization, these stats cannot be ignored. 

It may be hard to understand and believe why hackers would target non-profits or SMB’s, but it does happen, and unfortunately they receive no media coverage due to how small the business is. And worse yet, most SMB’s and non-profits don’t take cyber security seriously, or not as seriously as they should.

An owner or executive might believe that their companies don’t have anything of value worth stealing, but that just makes you more of a target. What you forget is that you have something that hackers want, things that are of extreme value such as customer payment information, employee information, passwords, and important day-to-day operations.

It’s realistic to say that data is the new gold, and you wouldn’t leave your gold coins out in the open ready to steal. 

If your system isn’t secure, hackers can stop your day-to-day operations, steal important client information, such as social insurance numbers and address, and encrypt your data all together. Part of the service you offer as an SMB and non-profit is making sure that your users information is protected. In fact, it should be a guarantee or else you may face legal consequences.

The Outer threat: How does the criminal underworld called the Dark Web affect you?

When data breaches occur to big corporations (recent breaches include LinkedIn, Air Canada, CIBC, BMO & more), the credentials, SIN, banking info, etc. starts to get sold all over the Dark Web. 

That stolen data is then used to steal your identity, your money, and further spread the computer diseases to your friends and colleagues.

How can you stay protected from the Dark Web? Here’s a step by step process to ensure greater security:

Knowledge is Power:

Register for a free domain check to see if you or your organization’s credentials are being sold over the Dark Web.

Password Protection is key:

About 80% of people will use the same password or a derivation of the same password for multiple different services [2]. This makes it extremely easy for hackers to gain access to multiple services if they buy only one on the Dark Web. “P@ssw0rd1!” is not hard to crack – check out our password tips to become more secure.

Use multi-layered security solutions:

For example; you can set Twitter to send you a verification text every time your account is signed into.

Keep your software up to date:

Antivirus services are constantly finding new threats and updating their procedures. Make sure to update your software so you are protected from the newest and more sophisticated threats

Call in the experts:

When you deal with cyber crime, you need to know what to do; you need to be an expert. Not everyone can spend all day thinking about security, but there are experts like E-Tech who do.

The Inner Threat: Protecting your company involves looking inwards.

It’s easy to assume that any cyber attacks would be coming from outside of your organization, but here’s the hard truth:

55 percent of all cyber attacks are from the inside of the organization, 31.5 percent done by malicious employees and 23.5 percent done by company insider who accidently leave the company open to attacks.[3] 

If you’re an owner or executive at your respective firm, it’s your duty to ensure that you protect your business and your team. Protection can no longer be solely focused on exterior threats, but equally with interior threats happening all the time.

An important tip to preventing internal hacks is keeping a sharp eye on authorization requirements, meaning limiting employees access to sensitive data. This can be an important first step to preventing some internal hacks.

As an SMB’s or non-profit organization cyber security is a very serious. You can never assume that your company is not a target just because your a small business. 

As an organization you not only owe it to your employees but you owe it to your customers to have your business as secure as possible.

Get a free dark web scan to begin securing your business from cyber criminals.

5 Steps to Test Your Backup Recovery Plan

By |2019-06-13T10:00:21-04:00June 13th, 2019|Business Continuity Solutions, Uncategorized|

Businesses face many different threats everyday – but being prepared for the worst with an intelligent Business Continuity Solution will give you a sense of comfort. The future is unpredictable and unknown but having a plan in motion shows the proactive awareness and due diligence of your company.

Few companies can afford disruption to their services for a prolonged period. For the small to medium size businesses, a day to a week of downtime could be a death sentence for your business. For large companies and corporations, a day to a week of downtime can result in millions of dollars lost due to missed work, and that doesn’t include the possible legal repercussions of a data breach.

What would downtime cost your business? Find out here.

Considering that the 3 major cyber threats to companies are hardware or system failures, malware and ransomware, and human error, it becomes nearly impossible for a company to protect itself without a proper BCDR plan and significant cyber security awareness training.

Even the strongest and most prepared companies deal with disruptions, data breaches, delays and issues. Just since the start of 2019 Facebook exposed up to 600 million passwords, the Marriott hack exposed the passport numbers of more than 5 million people, and 5 million Google passwords were leaked.

Business continuity helps your company become resilient and safeguards all the interest of your customer and employees. This helps you to focus on what matters to you the most: providing the services that your companies are built on.

If the disruptions are well managed and tackled right away, the harm that has been done can be fixed. The smallest disruption mishandled wrongly can be costly in both the financial term and lost data.

Business continuity provides many different values to customers and managers. The good that it provides managers is for the worst moments that your business could face, showing that there’s a light at the end of the tunnel.

With unpredictable disasters, companies have put an emphasis on how fast the company can recover from the disruption. The real threat that effects companies in the 21st century are either manmade or natural, and these can have a disruption on your company with an unknown timeline of when they would return.

Great, you get the importance on why having a business continuity plan is essential for all business. Now it’s important to test your backup recovery plan to see if it’s up to par – and we broke it down into 5 steps:

STEP 1: Know the Backup Infrastructure

Before you get started on your backup recovery plan, evaluating the current backup infrastructure first can help greatly. This could include your systems’ backup servers, backup media and system storage components.

The objective of this assessment should be to consider how effective the existing infrastructure is in recovering affected data amid a network security breakdown or other disasters. Secondly, there also needs to be a focus on identifying critical data from non-critical ones and the storage capacity of the components. This will help determine the extent to which critical data can be backed up using existing storage capacity.

STEP 2: Conduct Capacity Planning

The aim here is to understand the gap between the existing and expected storage requirements and anticipate how storage requirements will grow over the next 6 to 12 months. It will also help to know how the organization seeks to scale its existing backup infrastructure to meet this growth and how many different types and number of backup clients will it involve.

STEP 3: Evaluate User Policies and Procedures

In this step, the company policies, requirements, and procedures need to be reviewed to decide best practice. This includes deciding on the optimal backup schedule so that all data is backed up automatically.  This could vary from organization to organization; however, it will essentially depend on the nature of data that requires back up. For example, some companies may require a daily backup of their customer account database especially if it is being updated regularly; others however, may only need a weekly or monthly backup.

STEP 4: Identify Resource Needs

This step is crucial to a successful backup recovery plan. Issues relating to financial constraints, organization infrastructure constraints and personnel constraints need to be taken into account. For example, in the case of personnel constraints, a CIO needs to ask whether their number of employees is sufficient to perform a backup recover operation and whether they have the required skill-set to perform such an important task.

More importantly, infrastructure constraints could involve adding more data center resources or a backup recovery system to store files and other data.

STEP 5: Test Your Backup and Recovery Plan

Once you have made the necessary actions to have a backup and recovery plan, run simulations to ensure it works well, helping you to be prepared in the wake of a real security breach or a disaster.

To test your backup recovery plan, it is important that backups on all critical data be performed and no areas or servers are excluded. Your staff members also need to be trained on how to shut down the applications and load them upon restarting.

Furthermore, the backup recovery plan should also be timed to assess the speed at which it can backup and store critical data. Knowing how responsive your backup process is can be critical in an emergency scenario.

E-Tech has Business Continuity Solutions to help its clients succeed in today’s complex business environment. You can evaluate Your Recovery Time and Recovery Point Objectives with our Recovery Time Calculator.

Feel free to Contact Us for more information.

>

How Much Data and Time Can You Afford to Lose?

By |2019-05-09T10:00:28-04:00May 9th, 2019|Business Continuity Solutions, Uncategorized|

Business Continuity and Disaster Recovery (BCDR) is the ability to keep daily operations running even in the midst of a natural, man-made or technical disaster.

It isn’t just about data backup, but having a successful BCDR plan does address ready access to backups and timely restorations – and all of the potential obstacles you might encounter in the process.

The costs and consequences of downtime can be measured by asking yourself two questions:

‘How much TIME you can afford to lose?’ (Recovery Time Objective, or RTO)

‘How much DATA you can afford to lose? (Recovery Point Objective, or RPO).

In order to be effective, a business continuity plan must establish an acceptable RTO and RPO for the business and engage a backup and recovery solution that can achieve both in the event of a disaster or outage.

You might ask: ‘how can I even calculate my Recovery Time Objective and Recovery Point Objective?’ We got you covered with our Recovery Time Calculator – our easy-to-use tool that lets you discover the total cost of downtime to your organization.

How Much Data Can You Afford to Lose?

A successful plan eliminates or minimizes the amount of data a business would lose in a disaster or outage.

Consider the consequences of losing all of the data your employees and customers generate in just one day – if it’s possible at all, how long would it take to re-create critical data generated by sales, customer service, marketing, human resources, registration and other internal departments?

How much would it cost your organization to lose a day’s worth of orders and emails?

How much will it cost for employees to attempt to re-create lost data?

An effective plan that will protect the business must have a method of capturing data at regular intervals that meet the organization’s RPO.

How Much Time Can You Afford to Lose?

Your BCDR plan should not only minimize the amount of data your business would lose, but also the time it takes to get systems up and running again.

When considering how much downtime would cost your business, consider the financial impact of lost customer connections and employee productivity.

How many sales will you lose in an hour or a day if your systems are down?

How many customers will simply turn to a competitor?

What is the hourly or daily cost of lost labor?

What are the overtime costs for IT administrators who must work through the night to restore systems?

In order to minimize downtime and hit the organization’s RTO, a BCDR plan must incorporate a comprehensive backup strategy that protects entire workstations and servers.

This is best achieved through image captures that include all data, applications and operating systems.

A holistic plan must feature fast, full restoration capabilities – including the ability to restore images and files to different hardware or bare metal in case the original hardware is destroyed or damaged beyond repair.

Fast recovery depends on having options for storage and restoration – including the ability for instant local and off-site virtualization.

It also offers the ability to utilize a hybrid cloud-based model to store entire systems locally and off-site.

It’s important to give administrators the ability to manage backup and recovery remotely from a central or alternate location in case a branch office is affected or the central office isn’t accessible.

These options give the business the ability to adapt replication and storage strategy and infrastructure to their changing needs.

Indirect Costs of Downtime and Data Loss

Of course, RTO and RPO aren’t the only ways of measuring the consequences of downtime.

In today’s always open global market, consumers and employees have very little tolerance for downtime and data loss. The fact is, at some point all businesses will encounter the threat of downtime or data loss due to disaster or human error.

While the direct costs of downtime are relatively easy to quantify, the indirect costs can be harder to establish – but are just as devastating to the business.

As you build a case for a comprehensive business continuity plan, consider the impact of negative press, negative social media chatter, employee frustration, lost consumer confidence and reputation damage.

It’s easy to see how quickly downtime and data loss can ruin a business. A business continuity solution protects the business from the potentially devastating consequences of small and large disasters – no matter the cause.

Check out our Business Continuity Solutions page, where you can get a start on a proper BCDR plan!

>

Title

Go to Top