Costs of Data Breaches Up 23% from Last Year

A new report from the Ponemon Institute, an organization that publishes the annual “Global Report on the Cost of Cyber Crime,” recently announced that the cost of a data breach has jumped 23% from last year. Here’s what your small to medium sized business needs to know about being prepared in case of a data breach. The Data Breach by the Numbers The report revealed that a data breach will cost a large company about $640,000. This price tag includes hefty costs, such as business disruption, information loss, and detection. The report also revealed that it takes a company an average of 31 days to recover, yet experts advise that the time to remediate from a breach should only be less than one week. Interestingly, small organizations have a higher per-capita cost than large organizations. So, what can your business do to be more prepared? Have a Data Breach Incident Response Plan An Incident Response is an organized approach to responding to and managing the aftermath of a security breach or attack. The goal of such a plan is to limit damage and reduce recovery time and costs. An Incident Recovery plan should include a clear-cut definition of what your company constitutes as an incident and a subsequent step-by-step process that should be followed carefully after an incident occurs. Consider Hiring an Information Security Firm If you contact an Information Security firm after a data breach occurs, your organization will have to pay more money and wait longer to recover. You may not be prepared to remediate and respond in time. Knowing who to call helps your organization avoid...

Bright Outlook for Cloud Computing

According to CompTIA’s IT Industry Outlook 2014, cloud computing is even more on the rise since last year. As Generation Y (20-34 years old) infiltrates the work force and members of the Baby Boomer generation reach retirement age, there have been noticeable changes to how technology is used in the workplace. With this shift comes an inevitable increase in cloud computing: “Companies are relying on cloud computing for business processes such as storage (59%), business continuity/disaster recovery (48%), and security (44%)” (CompTIA: IT Industry Outlook 2014). The three models for cloud systems – Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) – have all steadily increased year after year, especially among medium-sized businesses. All data points suggest cloud computing is a popular option for business of any size. Are you up to speed on adopting the cloud into your business? How to Leverage Cloud Computing These three main cloud solutions – Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) – can leverage your IT business substantially. SaaS provides a way to deliver software and technical services that would otherwise be very costly. Most small businesses can adopt cloud computing into their company only using SaaS services. PaaS allows businesses to create custom apps, databases, and other business services all integrated into one platform. IaaS allows businesses to purchase infrastructure from providers as virtual resources. Which model best fits your business? Advantage of Cloud Computing There are multiple advantages to adopting cloud computing into your IT business, the biggest benefit being the ability to...

Can You Survive a Network Security Attack

Businesses are under constant attack from a variety of network security threats.  Cybercriminals hack databases for passwords for unauthorized access to your network.  Undetected Malicious software (malware) can trap and forward passwords. Viruses can infect your hard drive and destroy application data and files without your knowledge. Businesses large and small face these network security threats on a daily basis; larger organizations, however, may have more resources to fight attacks.  Small businesses may be more vulnerable to downtime and loss of productivity because of thinner margins and resources. Here are a few steps you can take to survive a network security attack. Prevent Network Security Attacks Before they Occur Protect your network by making sure all devices are in compliance with the latest anti-virus and malware updates. Ensure your operating system (O/S) patches are up to date. Protect your network with strong passwords and require your employees to change them regularly.  Discourage writing passwords down, and make sure employees are aware of the risks of a network security attack. Lock Down your Mobile Devices Mobile devices including smartphones and tablets are particularly vulnerable to theft and loss. Passwords on these devices can be easily cracked leaving your applications and data vulnerable to unauthorized access. Train your employees to report theft or loss of mobile devices quickly, and make sure that all data on the device is encrypted.  Having the ability to track and wipe data from these devices is another option to ensure you can survive a network security threat. Backup Your Data Online Backup and Cloud Backup are affordable options to have quick access to applications and data...

Heartbleed Bug: What a Business Owner Should Know

The name Heartbleed OpenSSL Vulnerability (aka Heartbleed bug) is as scary as it sounds. Some reports say up to two thirds of all secure websites (e.g. those with a web address starting with a green https://) are using OpenSSL.  It has been reported that Google was first to discover the Heartbleed bug  that compromised sites including Yahoo, Tumblr, Flickr, Amazon, and other websites relying on OpenSSL for security.  This security breach may provide hackers access to accounts, passwords, and credit card information. Heartbleed and Your Systems Business owners using OpenSSL for their email, website, eCommerce applications, or other  web applications should take action to prevent data loss or theft.  The fix for the Heartbleed bug should be installed on your operating systems, network appliances, and other software to ensure that confidential information is protected.  Consider having your IT professional test your public web servers to determine if they are safe. Heartbleed and Your Employees Your employees may have used websites that were exposed to the Heartbleed bug.  This means their username and password combinations may have been compromised by hackers tapping into what was supposed to be encrypted communications.  Employees should be reminded to reset passwords within the guidelines established by your company.  There are plenty of resources on creating a secure password.  Microsoft offers tips for creating a strong password on their website. The Need for IT Security Because the Heartbleed bug is pervasive, most internet users need to change passwords on sites like Gmail, Yahoo, and Facebook.  The Heartbleed bug is a wake-up call to the importance of having an IT Security policy that includes strong password...

Mobile Security: Does Your SmartPhone need a Kill Switch?

Many Smartphones and Tablet computers have access to corporate applications and their data through Bring Your Own Device (BYOD) policies and corporate-sponsored mobility strategies.  Mobile Security has become a popular topic for good reason.  According to CIO Insights, mobile data traffic is expected to increase eleven-fold by 2018. Because of increasing data traffic on mobile devices, some government agencies are looking at legislation to require manufacturers to add a smartphone kill switch to remotely wipe a mobile device if it is lost or stolen. Keeping in mind that a four-digit iPhone passcode could be hacked in minutes, this begs the question: Does your Smartphone Need a Kill Switch? Having a smartphone Kill Switch may give a sense of false security.  Adding a kill switch to protect your privacy and corporate information is reactive, rather than proactive.  If not done properly, you could wipe your employees’ irreplaceable information, such as family photos.  A Kill Switch may also make the phone entirely unrecoverable.  This means you will surely need to replace the device once the remote kill switch is invoked. Proactive Mobile Security Before you hit the Kill Switch consider proactive mobile-security measures. Smartphones and Tablets are great innovations that allow your employees to stay in touch and work anywhere.  Access to email, operational data, financial information, and customer information through a mobile device can empower your employees and increase their productivity.  Access to this information should be password-protected at all times.  Additionally, any corporate data should be encrypted in transit and at rest. Only approved applications should be allowed on the mobile device and personal data should be stored in...
Page 8 of 12« First...678910...Last »