Since we could never keep up with new, creative cyber threats, aren’t we better off waiting to deal with an incident if it ever happens to us?
Many businesses and consumers alike are suffering from what has been called “data breach fatigue.” The constant news of new attack tactics and large, well-protected companies falling victim to cybercrime can be disheartening. While no amount of security focus or spending can guarantee your company will never face a breach or attack, basic best practices can protect you from many threats. Neglecting to take every security precaution available to you only multiplies your risk level unnecessarily. There’s no sense in inviting trouble.
My company is not a large entity like Target or Johns Hopkins. Would we really be a target for hackers?
The National Cyber Security Alliance estimates that one in five small businesses will be a victim of cybercrime this year. Despite this reality, surveys reveal a dangerous lack of concern among small business owners about their own security and a widespread failure to plan and to implement policies to protect their systems and critical data. While it may seem that your risk of attack is lower than that of larger companies, this is not supported statistically. Furthermore, when a small business suffers a breach or cyberattack, it is much more likely to be catastrophic for the business.
How do hackers gain access to my network or data?
A 2012 survey reported by CIO Magazine (2012 Global State of Information Security Survey) showed nearly equal responses (10%-18% each) for exploitation of data, mobile devices, applications, systems, networks, and humans (social engineering). Many companies go to great lengths to secure networks but fail to address the simpler threats. This is a lot like locking the front door but leaving all the windows open.
Is Cloud computing safe for my business?
Cloud computing is not new. It is now a widely accepted solution for most businesses. But the question still remains: is it safe? The answer differs from one company to the next, and the types of cloud services or tools used will vary by industry and by company. With appropriate safeguards in place, however, cloud computing can be a very secure, economical, and practical solution for most businesses.
How can my employees safely access the company network remotely and/or using their own personal devices?
Remote access can be great for productivity, work-life balance, and employee satisfaction, but it does not come without risks. These risks can be mitigated, however. With proper employee training and technical safeguards in place, your company can provide your employees a degree of flexibility.
Does my company need a Business Continuity Plan?
Every Business Continuity Plan is different but the answer for virtually every business is, yes, you need a BCP. Smaller, more agile companies may think their need for a formal plan is less than that of a larger corporation. While the plan may not need to be as extensive, smaller companies should realize the risk from an event impacting business operations could be more severe and they may be less able than larger companies to recover without having a good plan in place ahead of time.
What is the difference between a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP)?
In general, a BCP speaks to the recovery of normal operations for the entire company. This would take into consideration factors such as physical asset recovery, getting employees to the work site during a disaster or event, safety considerations, absorbing and covering financial losses from downtime, public relations issues, and so much more. A DRP is more often the term used for the IT Department’s contingency plan in the event of a disaster, cyberattack, outage, or anything that could impact the normal operation of the network or systems that employees need.
What does a “strong” password look like?
A strong password is a combination of upper/lower case letters, symbols, and numbers, but not a word found in the dictionary or connected to the user personally (names, dates, and places). It is at least 12 characters long. Idea: take the first letter of each word in a sentence that is easy for you to remember. Use long password phrases, rather than single words or hard-to-remember combinations of characters.
Is your organization HIPAA compliant?
Contact us to find out sooner rather than later.
Ask about our letters of attestation that demonstrate your compliance!