Cyber Security for Small Business: 4 Pillars of Data Protection
Today’s modern business is about data. This information is the lifeblood of any business. It is your company’s finances, customer information and history, inventory, payroll, invoices and documents. You have data that your clients have entrusted you with as well: payment information, account numbers and PII (personally identifiable information). Your business has a responsibility to protect this data if it wishes to remain in business.
At TS Conard, we feel there is no greater responsibility for any IT provider than to protect the integrity of the client’s data. In order to achieve that goal, we educate our clients on what we call our four main pillars of data protection:
1. Network Security – Firewall/Security Appliance
Your network firewall is the frontline defense against cyber-criminals, so you need a really good one. This is the edge security of your network that separates your internal network from the global internet. It needs regular monitoring and maintenance. We are not talking about a Linksys “Wal-Mart special” here, but rather commercial-grade Next Generation Firewall.
2. Endpoint Security – Device Protection
Speaking of commercial-grade, your Antivirus solution needs to be business-class as well. Don’t be using AVG Free edition or a hodge-podge of different AV programs across your network. Invest in a quality Antivirus program (like McAfee, Symantec or ESET), buy the correct number of licenses, and keep them up to date. This will protect your users from threats that are initiated on the workstations inside your network.
3. Employee Education
Educate your employees on how to recognize the “bad stuff”. We do this by using real instances as examples for recognizing the scams from both email and phone calls. Review your company security and computer use policies. Make sure staff members understand the real risks in not following them. Establish password discipline guidelines and ensure they are followed.
Every business has that one employee who will click on anything. Fraudulent emails are being received daily. These phishing attempts are getting VERY GOOD at simulating legitimate email notifications. Our best solution has been to have employee-wide meetings and show them snapshots of these fraud emails, and illustrate how these attempts work (by collecting personal or sensitive business info).
Hopefully, in doing these things, you will establish a company culture that can recognize bad security behavior. Bring instances up for review in order that you may develop a methodology to handle that threat.
4. Backup & Disaster recovery
This is your last line of defense against malicious activity or hardware failure. Consider a good BCDR (Business Continuity & Disaster Recovery) solution as an insurance policy for your company’s data. And in my experience, you are far more likely to use this insurance than ANY OTHER insurance you’re paying for.
- Insist on regular, remote and redundant processes. A good rule of thumb is 3-2-1. That means three copies of your data stored in two off-site locations, backed up a minimum of one time per day.
- Guard against human error. Make sure people performing backups and restores know exactly what to do – and what not to do. Or better yet, take people out of the loop and automate wherever possible.
- Could some files be getting left out? As resources are added and priorities shift, files and folders can get misplaced or accidentally left off the backup list. Insist on a quarterly or annual meeting with your backup management team to make sure all mission-critical files are included in your organization’s data recovery systems.
- Trust but verify. Test your backups to make sure your data is recoverable. Take it a step further: shut down your server and ask yourself, how do I get back to operational? Basically, simulate the worst-case scenario, and then develop a plan to continue to operate during the disaster.
Of course, even with all these measures in place, there is no silver bullet for protecting your business from malicious activity or hardware failure. However, I can promise you, an organization that has these safeguards in place is at FAR LESS risk for damage than an organization that doesn’t.
If you are unsure about the status of your organization’s network or security health, there are a number of technology solutions providers in the St. Joseph area that will perform an assessment of your security posture at no cost.
You’re Invited to Attend Our Free Event!
Join TS Conard’s Dave Cooksey as we assist business owner and managers in understanding today’s cyber security threats as well as go over the best practices for keeping the business secure.
Enjoy an Open Bar, appetizers, and a highly valuable presentation from Saint Joseph’s leading industry firm.
In addition to the valuable information you will receive, all attendees will be eligible to receive a Free Network & Security Assessment (a $300 value). Use this information to audit your current IT infrastructure and determine important areas or security weak points.
But hurry, seating is limited and we’re already filling up, so reserve your spot below:
(or visit: www.tsconard.com/events)
Time to Get Vulnerable
By Darren Hardy
When you hear the term “leader,” adjectives like strong, assertive, and powerful come to mind. But what about vulnerable? Those in leadership positions often believe that displaying vulnerability to their team is a sign of weakness.
I’m here to tell you that they couldn’t be more mistaken. In reality, vulnerability is a strength, and all skilled leaders have it. And in order to help you grow into a better leader, I want you to be vulnerable.
Patrick Lencioni once said to me, “Start by coming to terms with your own vulnerability as a leader and then translate that to your team and then the rest of the organization.” Waldo Waldmen, a top fighter pilot and a good friend of mine, once said something similar. He explained that after every mission, they would have a debriefing. Before it started, everyone was required to take off their name tags and their rank. Now, with an even playing field, they would go over the good, the bad, and the ugly of the mission. The leader would take the lead, admitting their own mistakes first.
They call this “exposing your chest to daggers,” and it creates an environment for the new hires, the young wingmen, and the young folks that are in the formation to say, “You know what? If so and so, the flight lead, or so and so, the top gun, is going to share his or her mistakes, then I can do the same thing.” But it has to come from the top down, and it means being vulnerable, more honest, and more open about what’s going on. Waldo said the key is to show you are a human being first and a top gun or high-ranking officer second. Do you start meetings by exposing your mistakes first?
I’m not talking about being passive-aggressive. “I never should have trusted so and so with this.” I see and hear that all the time, and it’s the opposite of exposing your chest to daggers. I’m talking about where you underperformed, did something wrong, or made a bad call. Those are the things to expose.
Many years ago, Les Brown gave me some great advice. He said, “You are a compelling speaker and certainly you have had a tremendous track record of success — but you can’t just talk to people’s heads or only appeal to their intelligence.” He continued, saying, “They have to feel your story, the whole story — failures, shortcomings, fears, and pitfalls — both the triumphant and the terrible.” That, he told me, was what would make me a real leader.
As you can imagine, this was an awakening, and it changed my life. You’ll notice it if you read my first book and my new one; “The Entrepreneur Roller Coaster” is a lot more honest about my personal journey, warts and all. While people may be inspired by your success, they are empowered by knowing that they can fail at times and still succeed wildly.
If you want to be a leader, open yourself up to others. If people can feel and connect with you, they will charge through walls for you. That is real leadership, real influence, and real achievement. So, right now, think of one failure with which you can open up to your team. Are you in? I promise you will see immediate results.
TWITTER might be building a paid subscription service for “power” users. According the The Verge, the social media giant is surveying users to determine the size of a market for pay-to-play tweeting. This would mean a more robust platform of tools for marketers, journalists, and others who want the most from Twitter. This premium tool set will provide valuable viewing, posting, and signaling tools like alerts, trends and activity analysis, advanced analytics, and composing and posting tools all in one customizable dashboard. It will be designed to make it easier than ever to keep up with multiple interests, grow your audience, and see even more great content and information in real-time. This comes at a rough time for Twitter, and any potential influx of revenue has to be a welcome though.
Electric car charging towers could replace gas stations, one day. THE CHARGING TOWER is a new concept that Digital Trends recently reported on. The idea is to replace current gas stations with charging stations in the future as electric cars become more popular. Stacking up cars like dominoes, the tower looks more like a parking tower than a gas station. This is important because electric car technology seems to indicate that charging will take hours longer than a standard “gasup” takes today.
Microsoft slips by Apple to grab tablet satisfaction honors. MICROSOFT won the J.D. Power tablet survey, as reported by Mashable. Although the “tablet wars” of the past aren’t as hot as they used to be, it’s still an upset (albeit a close one) for Apple, who dominated the tablet market for years. Microsoft tablet functionality won out over Apple’s iPad; the non third-party keyboard probably helped with that. But Microsoft also won in the design category, which has to sting. Surprising nobody, LG, Asus, Samsung, and Acer came in far behind Apple and Microsoft.
Panther Drone Delivers Package by Air and Land. PANTHER DRONES strutted their stuff recently with capability to fly and roll along on land, delivering packages with aplomb. Similar to military-style land and-air drones, the Panther has a few advantages when it comes to residential delivery — like avoiding air hazards such as trees and power lines. A four-wheeled drone’s first aerial package delivery test showed off a special touch by also driving up to the doorstep of its pretend customer. That capability to deliver by both air and land makes the Panther drone an unusual competitor in the crowded drone delivery space. But the drone’s limited delivery range may pose a challenge in competing against the delivery drones of Google and Amazon. Unfortunately, the Panther is relatively heavy, so it has a limited range compared to other prospective delivery drones.