Congratulations, your workplace, computers, and vital data have made it through another year! Or have they? It’s time to say goodbye to 2019 and hello to 2020, which makes it the perfect opportunity to reflect on the past year’s successes – and failures – in terms of data protection and IT management.
Data privacy has been a major topic in the news throughout 2019, with many organizations hitting the headlines when they fell victim to data loss or theft. As businesses continue to advance their technology systems, the risk to vital data is increasing. From hardware and software failures to natural disasters, genuine human error to targeted theft by hackers, there are many ways in which sensitive data can be leaked, lost, or passed into the wrong hands. In 2020 and beyond it won’t be enough to simply deal with these issues as and when they come up. Instead, businesses and organizations are expected to be proactive when it comes to protecting personal data.
As a managed IT company we’ve seen firsthand the impact that poor data protection can have on businesses in Tulsa Oklahoma. We’re passionate about helping businesses to become proactive in the protection of their valuable data. Here are three key services we recommend every business owner implements in 2020 to ensure their company data is safe from hardware failure, hackers, and natural disasters.
Offsite Cloud Data Backup Services
Many businesses are under the impression that onsite data backups are enough to protect their data should they experience failures of their computer systems. Sadly, they’re wrong. Backing up to onsite servers won’t protect data if the business is affected by fire, flood or extended power outage, or if its hardware is stolen.
To provide the best level of protection, data should be backed up to a secondary site. Cloud data backup is a fantastic solution because it ensures vital data remains available no matter what happens on business premises. If you have to close your offices for one reason or another, a cloud backup will allow you to continue to access critical data and keep your business running from an alternative site.
Our extensive managed data backup services ensure copies of your data are available both onsite and offsite. We’ll consider every possibility for data loss to ensure valuable information is thoroughly protected, no matter what happens.
Comprehensive Disaster Recovery Services
We’re well aware that it isn’t always possible to alleviate every potential risk to business operations, no matter how proactive a business is. However, companies can minimize the impact of disasters on their operations by having robust disaster recovery and business continuity plans in place.
Data backup is just one crucial aspect of disaster recovery. There’s also hardware, software, networking equipment, and communications tools to consider, as well as the practicalities of finding alternative workspaces. Without a comprehensive recovery strategy in place, disaster could lead to business operations grinding to a complete halt, which might lead to financial losses too extreme to recover from.
Our recovery services are tailor-made to each of our clients. We take into account the size, industry, and unique circumstances of every business to develop a strategy that will help them recover from disaster and continue to thrive, even in the most challenging circumstances.
Managed IT Services
With technology evolving at such a swift pace in the 21st century, it can be tricky for business owners to choose the right IT solutions for their operations. As a managed IT company in Tulsa, Oklahoma, our aim is to take the pressure off by implementing and managing technology systems that are the best fit for each individual business.
Our all-inclusive managed IT services include 24/7 monitoring of our clients’ computer and network systems, which means we can spot potential problems in advance and rectify them as swiftly as possible. We work quickly to resolve hardware failures – with no extra labor costs – and we pride ourselves on delivering exceptional engineer support to get IT issues resolved with minimal delays. All of these factors help to prevent critical data loss.
Our IT company is based in Tulsa, Oklahoma, but we also serve parts of Northeastern Arkansas and Kansas. We manage IT for businesses in a vast range of industries, including oil and gas, manufacturing, medicine, law, retail, and more. We can customize our offerings for every business, meaning that you’ll get managed IT support that comprehensively manages and protects your data.
Make 2020 the year of data protection.
For busy business owners, using the services of an IT company brings peace of mind when it comes to managing data. With quality data backup and recovery services in place, you can focus on growing your business instead of losing sleep over the possibility of data disasters. If you are ready to make 2020 the year you stopped worrying about data failures, be sure to give Nomerel a call.
Almost every business owner we consult with for the first time has a story about losing valuable business data. The type of data and the way in which it is lost varies from business to business, but the ultimate reason for the data loss is almost always the same; there is not a suitable data backup plan in place.
Today businesses are storing more digital data than ever before, but keeping that data secure and easily accessible is not as straightforward as it seems. For growing companies, it can seem simple and effective enough to upload files to consumer cloud backup services like Dropbox, but often such platforms don’t provide adequate data security. Furthermore, many businesses don’t consider how they’ll recover if the worst does happen to their data. When IT disaster strikes, these businesses don’t have a strategy in place to handle it, leaving them at risk of losing essential systems and data that could put a sudden stop to all business operations.
Business Data. What Could Go Wrong?
The potential for disaster is everywhere when it comes to business data. Software can crash, hardware can fail, and malware can be inadvertently installed, leading to unauthorized systems access or disruption or damage to computers. Simple human error could lead to the accidental loss of data, or theft of network hardware might occur. Hardware could be damaged during natural disasters such as fires, floods or in our region tornados. Even something as simple as a common power outage could lead to data loss severe enough to stop a business operating.
While we can try to prevent these types of problems from occurring in the first place, it is not always possible to protect against every single possibility. Accidents, malfunctions, and natural disasters are often beyond our control. However, what businesses can control is what happens afterward. If they have a disaster recovery plan in place, including a sound data backup plan, they can restore their data and keep their business running. If, on the other hand, their backup data services aren’t up to scratch, they could risk losing their valuable data forever.
To learn more about the importance of professional disaster recovery plans, be sure to read about these three organizations which didn’t have such plans in place. Businesses across the world are losing millions of dollars worth of data every year, but you can avoid becoming one of them by getting your data security in order and formulating a sound disaster recovery strategy. That’s where we come in.
Backup Solutions Built For Small Business
Nomerel backup solutions are built into our managed IT service plans, which can be completely customized to your business.
With our managed IT solutions, your organization gets enterprise-level backup solutions, on-call IT support, and hardware failure solutions for one low monthly price. We also provide custom data backup services, a comprehensive disaster recovery plan, and business continuity plans to keep your business up and running no matter what happens. Plus, since we provide 24/7 monitoring of your technology systems, we can identify and cure many potential problems before they occur, which minimizes the risk of disaster.
When we build a custom IT solution for one of our clients, we charge them a fixed monthly bill for everything involved in that solution. This means that you, the business owner, won’t be faced with hefty extra costs if we do need to spend more time with you to deal with unforeseen issues. Our goal is to take the stress out of IT and data security so that you can focus on taking care of your business.
How Managed IT With Nomerel Works
Since 2008 Nomerel has been serving the Tulsa and Oklahoma City metropolitan area, and we have recently expanded into Northeastern Arkansas and Kansas. Our passion is helping businesses keep their data safe and backed-up, no matter what their size or industry. We work with small and mighty start-ups of just one employee, as well as longstanding corporations with over 1,000 members of staff. Our managed IT solutions can be completely adapted to suit the unique needs of every individual business perfectly.
When it comes to your bespoke managed IT solutions, we’ll begin with a consultation. We’ll sit down and talk about the current setup at your organization – how your data is currently managed, the risks involved, and the potential consequences of data loss. Then we will develop a foolproof business continuity plan to ensure you’re equipped for any disaster. For more information, be sure to give us a call or complete our contact form to arrange a consultation.
As we enter into a new decade it’s the perfect time to reflect on the ever-changing landscape of business security. Doing business in this era is nothing like it was in the Y2K days. Today your primary business assets are digital, from your employee data to customer data and everything in between. Depending on your industry, that data may be subject to a whole host of stringent laws in regard to how it is stored and protected. What happens if it gets lost, leaked or stolen? The consequences can be catastrophic.
Here at Nomerel, an Oklahoma IT company, we help businesses in dozens of industries, including medical, legal, oil and gas, and many others, to protect their masses of data. We’re talking millions of patient records, project files, multimedia files, archives, and numerous other pieces of valuable and often sensitive information. Not only do we protect this data, but we also help our clients to formulate a disaster recovery plan so that if the worst does happen, we can quickly get the situation under control.
We want to share the stories of three organizations that did not have a disaster recovery plan. Although not clients of ours, these stories are very similar to those experienced by businesses we’ve encountered right here in Oklahoma. Today, those businesses are our longstanding clients and have solid business continuity plans in place, but it is unfortunate that they had to learn the hard way about the dangers of data insecurity.
If you’re keen to protect the future of your business in the digital age, give us a call or complete our contact form to set up a meeting. We would love to talk about your business continuity plan; we think you might be surprised at how fast and cost-effective it is to implement.
How to protect your company from a digital ransom attack: this city in Florida paid a big price
In June this year, an entire city in Florida was hit with a data breach that cost an astounding $600,000. What’s even more shocking is that this case wasn’t the first of its kind. It is fairly common for government agencies to fall foul of hacking organizations who paralyze computer systems or steal data and demand a ransom for its release. Private companies are also vulnerable to these types of cyberattacks.
In this instance, Riviera Beach found itself facing disaster after an employee of the police department opened an email attachment that was infected with a virus that shut down the entire city’s online systems. Email, office phone systems, and water utility pump stations were impacted. The city was unable to process payroll and vendor payments.
The solution? First, the city was forced to bring forward a planned upgrade of its computer hardware by a year, to the cost of $900,000. Then it paid out an additional $600,000 ransom to the hackers responsible for the attack to recoup their valuable data.
The key point with this story is that Riviera Beach’s digital security was simply not up to scratch. Had they had a dedicated security strategy in place their systems would never have been infected. We can guarantee that preventative cybersecurity would have cost them a whole lot less than the $1.5 million it took to resolve the problem.
Anyone can create a data backup, but an IT company is going to make sure it is fail-proof
Remember the much-loved 1999 kids’ animation Toy Story 2? Well, it might surprise you to learn that due to a simple user error and a major issue with a data backup system, the whole movie was accidentally deleted while still in production. Hundreds of man-hours worth of work were erased in just minutes, and it took a gargantuan effort to get it back.
The issue came about when an employee accidentally triggered a command which began to systematically delete every file in the network. When it dawned on the Pixar team what was happening, they unplugged their master server to halt the deletions and then took a look over what was left. 90% of the movie had been deleted.
No problem, the team thought, we can just use our backup, right? Wrong. This was the crux of the problem. Unfortunately, the backup system had not been adequately checked. If it had, somebody would have realized that the backup system was not big enough to store all the data. New files were writing to the backup drive and pushing older files off. Only a minority of the necessary files were there.
Luckily there was something of a solution. One of the team members had recently been working from home. She had a computer at her house that had a full copy of the network from just a couple of weeks earlier. The team managed, over the course of a sleep-deprived weekend, to trawl through these files and compare them with those recovered from the backup and a series of files saved locally by animators and modelers. They rebuilt the movie – still with several thousand files missing – adequately enough that the project could get back on track.
What’s ironic about this story is that Pixar ended up scrapping, rewriting and rebuilding the movie all over again just a few months later, not because of another data error but because they wanted to make it better. But they certainly learned a lot from their mistakes the first time around, namely that a fail-proof business data backups system is a worthwhile investment when producing a multi-million dollar movie.
Think the Geek Squad is going to help your company? Wrong. This is one of the hundreds of stories – don’t risk it!
In 2008 consumer electronics retailer Best Buy was faced with a gigantic $54 million lawsuit. Why? They had lost a customer’s business laptop, and she was seeking damages not for the loss of the computer, but for the loss of her personal data.
She argued that Best Buy had completely disregarded the importance of protecting her data after her laptop went missing from a store in Tenleytown, D.C. She had taken the laptop there to have the company’s Geek Squad technicians deal with a repair. When she began to question the laptop’s whereabouts, Best Buy misled her about the computer’s location for weeks before finally admitting that it had been lost.
Not only is it appalling that Best Buy can lose electronics that contain valuable and sensitive personal information, but their methods for managing the issue were even worse. They offered the customer just $1110 dollars and a $500 gift card – enough to buy a new laptop, sure, but certainly not compensation enough for the loss of private data. It seemed like they weren’t taking the issue of data breach seriously enough, and the customer quite rightly wanted to make the company sit up and take note when she issued the massive lawsuit.
The lesson here is that we cannot take the protection of data lightly. There are myriad ways in which data can accidentally be lost and subsequently become vulnerable to fraud or exposure. Businesses must have stringent security measures in place to ensure that accidents like this don’t leave them losing either their own valuable data or, perhaps even worse, the personal data of their customers.
Don’t want to be the fourth story on this list? Reach out to us
We would love the opportunity to learn about your organization and discover which of our services would best suit your business. At Nomerel we are proactive; we have experience in every industry and will protect your data with care. We provide organizations with fail-proof data recovery plans throughout Oklahoma, Northwestern Arkansas, and Kansas. We build cost-effective, custom IT solutions that are tailored to your business’ exact needs, giving you everything you need and nothing you don’t. Allow us to bring simplicity and clarity to your IT environment so that you can have the freedom to focus on growing your business.
We’ve all had emails fill our inbox that clearly are not what they say they are. Sometimes there’s no doubt that they are a scam, but hackers have gotten better at creating believable phishing emails targeted at getting information. Unfortunately, companies can fall prey to this just as well as an individual can. Watching out for suspicious redirects is a good way to spot if your company has been hit by a phishing scam, but so is feedback. Receiving complaints from customers about communications that your company hasn’t made is a strong indication that there’s a problem. A phishing attack may not be obvious to you at all, but rather be aimed at your customers and stealing their money and identity. As unsettling as it is, you may not be able to tell that your company has been hacked until there’s a problem.
It’s important to be vigilant when keeping your network security in check. There are some steps you can take when there are signs that your company has been attacked by a phishing scam. First,
Don’t Panic!
When you’ve fallen prey to a phishing scam, the first thing you need to do is not panic. Regardless of if you are a business or an individual, panic tends to be the first reaction and is exactly the last thing you want to do. Instead, disconnect all devices from the network so that your devices aren’t accessible to the perpetrator. By cutting off your company’s access to the web, you’re also preventing any viruses put in place from emailing your customers and clients. You eliminate the risk of spreading the infection.
If possible, remember what information you entered when going to a fraudulent site. Things like names and addresses can be used in identity theft as well as providing information for future attacks on your company, so it’s important to try to remember everything you can about when and how you accessed a suspicious site. Fraudulent sites can often be uncovered by paying attention to the URL extension as well as details, such as spelling and the URL given when rolling your mouse over a link. Keep a record, either using a screenshot or by copying and pasting information, of the website(s) and email that infected your company’s machine. This can help to identify what information was stolen as well as law enforcement.
Above all else though, stay calm.
Now, Backup Your Data
It’s wise to perform regular backups anyway, but once your network administrator has shut down your network, it’s time to do another backup. The first things that should be backed up is customer information and financial records. For maximum security your IT department will likely perform this backup to a separate location to provide an added layer of protection. Time is critical here as it is essential to remove data that a virus can use as ransom. Called ransomware, some cyber criminals will restrict your access to your own files until you pay a fee, essentially holding your own property ransom.
In a situation like this it’s best to perform this backup to a physical location rather than the cloud so that your network administrator doesn’t have to expose the company to the internet unnecessarily.
Protect It with New Passwords
Though you may have acted fast to protect your company, a hacker still may have acquired passwords and your work will have been for naught. It’s important to change your credentials as soon as possible in the event that a cyber criminal did get that information. With it they can gain access to your finances and other vital services that your small business works with and uses internally. They could also change your company’s credentials when it comes to accessing the services, so it’s important to make these changes as soon as possible. A good indication that your network security has been compromised is if you cannot access your own accounts.
If you haven’t already, consider upgrading your security with multi-factor authentication so that hackers will have a harder time taking control of your systems. There are password generator programs available that will create a unique, random password using the specifications you provide. Though harder to remember, these passwords are far safer than your secretary’s dog’s name and birth year.
Now That Your System is Secure, Look for Malware
Cyber criminals, unfortunately, know that you may do everything right to secure your information before they are able to get to it. Once you’ve made backups and secured your data, it’s time to look for what might’ve been left behind. Many viruses will install programs that seem benign and unobtrusive, but are actually gathering vital information and sending it back to the hacker. Fortunately, there are malware programs that work without being connected to the internet so you can check your company devices before even being reconnected to the network. Many IT services choose to run a second scan from another program to ensure that nothing was missed with the first scan, or that the first malware program isn’t compromised in some way. Keeping this software up to date is essential as definitions are frequently updated and new features, such as looking for newer types of malware, can be installed. A good malware program can also scan email as it is received giving your company an added line of defense to prevent a phish attack and will periodically scan your computer for malware automatically.
Inform Your Customers
Falling prey to a phishing scam is embarrassing to be sure, but it can be disastrous if you are sure that nothing was taken and you’re wrong. It’s important to let your customers and clients know when your network security has been compromised. Customers can be on the lookout for fraudulent charges made on behalf of your company for services or products they never ordered. By notifying customers of the incident and giving them incentive to stay, you can protect them from attacks and keep a customer rather than face a lawsuit down the line if your phishing incident leads to identity theft.
Make sure that your customers know what to expect from your company and that anything else should be reported to the company as well as to law enforcement. Social media is a good way to communicate with your customers as well as email and postage.
Contact Law Enforcement
Hacking of any sort is a crime and it isn’t one that governments are keen on letting people get away with. In the United States the FBI’s Internet Crime Complaint Center manages cyber crime cases and when you’ve been phished, this is who you report it to regardless if you are a company or an individual. This complaint stays on file for 90 days, allowing companies and individuals to repair any damage done by the cyber criminal, and it can be renewed if necessary.
Unfortunately no one is immune to phishing: if you have an email, you could be a victim. Individuals and companies alike have been fooled by sophisticated messages designed to get vital data necessary to running your company. Sometimes, it isn’t something that your employees or network administrator catches until it’s far too late, but a quick action plan can minimize the damage done by a successful phishing attack. If you suspect your company is compromised, follow the above steps to help protect your company and watch out for unusual activity, such as odd feedback from customers, purchasing mistakes or other anomalies that may indicate fraud.
The biggest difference between your email inbox and the one at the end of your driveway or the company mail room is the walk, and sending a message is free over email. Mail can be stolen too, regardless of if it’s in a physical box or your inbox and, in both cases junk mail can be very bothersome. In the case of email though, malicious emails happen often enough to be worrisome. One wrong click and now you’re exposed to hackers that will use it to bypass network protection and initiate a cyber attack on your company. Don’t panic! There are simple ways that you can make it much more difficult for criminals to steal your data.
Better Password Management
Creating a strong password is essential for the security of anything that needs a login, but perhaps moreso for your email. When your password is easy to guess—such as a birthday, favorite pet or family initials—and your email can be hacked. Through that hackers can reset the password for multiple different accounts across the web, or open new ones in your name, and ensure that you’re locked out. Some email providers today actively work to prevent this by not allowing users to create passwords that are similar to their email or personal information and require special characters, upper and lower case, as well as a symbol. Though quite irritating for most of us, it is essential for the security of an email account regardless of if it’s a personal account or corporate one.
Those that cannot remember ‘$27D@e99&$Ke’ as easily as their cat’s full name may find using a password management service helpful. Many companies use services such as LastPass to keep their passwords and logins secure and unique enough to deter hackers. For these password managers employees need to remember just one password and though it doesn’t have to be like the one above, it nevertheless needs to be very unique otherwise it too can be hacked and that library of passwords will be accessible.
Adjusting Email Settings
Though this may seem obvious, modifying your email settings can really make a difference in the safety of your inbox. A firewall service may keep more obvious threats out but by exploring the tools that your email provider has available you can eliminate phishing emails designed to get into your email. For instance, you can create a rule for your inbox that will automatically move emails with ‘Unsubscribe’ or similar wording into a special folder or your trashcan with little fear of losing important emails. You can elect to add exceptions to this as needed, such as “RE:” or other phrases from trusted sources or newsletters that you’ve signed up for.
Pay Attention to the Details
Sometimes you can do everything right and your inbox can still be infiltrated. Though the best way to protect your email is through prevention, it’s important to be proactive in making sure that it remains safe. Look for changes in email traffic, such as regular banking updates or stock updates. When those disappear, it could indicate that your email has been hacked or worse yet, those institutions. By looking at the recent activity for your email account you can also see the IP addresses that has been accessing your email. Look for an IP address, or location, that doesn’t fit with the rest of your activity.
In addition to paying attention to recent activity with your account, you should also look at the information in your account. Is the phone number correct? Are your security answers what you originally put or are they different? Though these differences may seem small, it’s an indication that your email protection isn’t strong enough and you’ve been hacked. In cases where you have been hacked, it’s best to reconsider your security questions as many times the answers are easily obtained via social media and, of course, be sure that you don’t share your account information with anyone.
Encryption
There are many things you can do to help keep your company’s private email private, but the best way to do it is encryption. End-to-end encryption, which IT services often provide, means that before an email ever leaves one machine, it is encrypted so that even if a hacker manages to get access to it in transit, it’s useless without the encryption key. Companies and individuals—popular apps like WhatsApp make encryption very realistic for private citizens—that use this level of security are on one side of a controversy between tech security and government agencies as many government agencies feel this level of encryption enables those with malicious intent to better plan and organize.
Email providers are getting on board with this level of security and offer it to their customers. ProtonMail, for example, uses this level of encryption for email protection; however, it’s only effective when both accounts belong to ProtonMail. Though some customers may be put off by having to create two passwords when they create their ProtonMail account (one is the account password while the other is for the encryption keys), it provides an added layer of security that other providers don’t.
Encryption also involves using HTTPS over HTTP, which is rapidly becoming outdated. The added S stands for secure, which is simply another way of saying encrypted. Websites that provide HTTPS have several tests that they must pass that prove that the information sent to and from those sites is actually secure. For general information on a website, such as a blog, the data is not encrypted as there’s really no way to provide encryption at that point. But, for websites that deal in e-commerce or social media, for example, it is essential that when a user logs in their information is kept secure. This is where encryption plays a role. Ensuring that your company uses HTTPS will prevent intrusions that can be detrimental to your company, and your inbox.
Protecting your company’s email servers is an important part of network security and one of the best ways to do that, first, is common sense practices such as not sharing your account information, not using easy to guess passwords or creating security questions that are very easy. Ensuring that your company uses encryption services whenever possible also keeps your email, and thus your company, much more secure. Educating employees on common sense email practices, and using IT services to implement encryption, are some simple tactics that can go a long way towards keeping your inbox private.
Recent Comments