}

Archive for category: Small Business IT

small business

Can Your Small Business Afford the Risk?

/0 Comments/in /by

small business it protectionThe average cost of a cyberattack now exceeds $1 million, reports Security Magazine. Can you afford to lose that kind of money and remain in business? Most small businesses can’t, but more than half of those small businesses responding to a recent security report survey experienced a breach last year. In fact, according to Accenture, 43% percent of cyberattacks are aimed at small businesses, but only 14% of small businesses are prepared to defend themselves. According to Kaspersky, more than a third of small businesses fell victim to cyberattacks in 2019. Even more concerning is the fact that more than two-thirds of small business leaders do not believe they are a target.

Steps Your Small Business Must Take Now to Survive

Every organization needs to take the threat of cyberattack more seriously, especially in light of recent tensions that make cyber warfare more likely than ever.  Start with these 5 steps:

  1. Backup and disaster recovery. Avoid paying ransoms and losing access to your data, by having a comprehensive backup and disaster recovery plan. This plan should include offsite backups of your data that are isolated from and not accessible by your network, as well as contingency planning for how your organization will handle data recovery, designating specific people for specific rolls. Read our guide on creating an effective disaster recovery plan.
  1. Regular updates. Not only should you have strong anti-virus and malware protection, but you should also ensure that you regularly install patches, upgrade software, and manage apps to avoid security risk. In particular, there should be no instances of Windows 7 operating at all.
  1. Strong policies. In addition to limiting data access to only those employees who actually need access to perform their jobs, you should implement strict policies for using personal devices to access the company network from public Wi-Fi, strong mobile device security requirements for all devices used for work, and ongoing training requirements for all employees.
  1. Email security. In addition to securely hosted email, establish policies regarding payment and information requests sent by email. Email security and training are essential.
  1. Multifactor authentication. Password security is no longer adequate to protect your network and your data. Require multifactor authentication for access to any part of your network. This should include a password that is combined with a secondary, required security protocol, such as a mobile authentication app for quick push notifications, as well as some form of biometric security.

Whether you are a healthcare firm, an oil and gas company, a legal firm, or a part of the many other industries The ITeam supports, such as construction and accounting, organizations need strong IT security. The ITeam understands the IT security issues facing Canada businesses. We are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.

your password IS the problem

Your Password IS a Problem

/1 Comment/in , /by

Data security is something every organization in Canada must contend with. Implementing layers of security and 24/7 threat detection can help provide protection, like leaving the your door locked at all times so no one can just walk into your business. But when your staff (executives included) reuse passwords across a variety of different sites and apps, they’ve essentially left the keys to your most valuable information in the lock.

The Password Problem

the password problemHackers have passwords, and they know that people use them on multiple sites. As well, hackers use social engineering to know which executives in your organization have financial roles. And they can use the password they stole from a shopper’s club loyalty card account database, for instance, and try it on your network. And this method often works.  Hackers also know that the more complex passwords become, the more likely people are to come up with two or three variations of one that works (i.e., it meets all the criteria for one capital letter, one number, one symbol) and reuse it everywhere – from their grocery store loyalty card accounts to your network.

But it’s more than just the repeated use of the same passwords across different apps and sites that poses a risk to your business; it’s the fact that many people don’t change their passwords even after being notified of a breach. How many of your employees are still using the same passwords (or variations) following the Yahoo data breach? The LinkedIn breach? The Capital One breach?

It Takes More than Passwords to Keep Your Data Safe

Yes, you still need to have strict password policies. But in addition to that, you must:

  • Provide ongoing, in-depth training to your staff about threats, including common email threats
  • Establish and follow a strict patching regimen so that you prevent potential access to your data through a back door
  • Implement as many barriers as possible against a data breach, including layers of security (firewalls, malware detection, network security)
  • Monitor your systems 24/7 for threats
  • Delete access immediately – including remote access – for any employee who leaves the company
  • Require a multi-factor authentication to access any secure area of your network
  • Have the capability of logging and monitoring who is doing what inside your network

Protecting data is one of the most complex issues facing organizations today. It’s not just about PIPEDA compliance, although that is a significant factor, but it’s also about protecting proprietary data, customer information, trade secrets, and financial information. Complicating all of this are the hackers who continue to develop more insidious ways to penetrate your defenses, gain access to your data, and either sell it or use it for financial gain. Employing best practices does make a difference.

Data breaches are not going away, but you can minimize the risk to your organization with strong IT security and a comprehensive disaster recovery plan. You can’t just address one of these issues; you must have a comprehensive, proactive data security program that addresses all of these risks and more.

The ITeam understands the IT security issues facing businesses in Canada. We are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.

does your it strategy support your business strategy

Does Your IT Strategy Support Your Business Strategy?

/0 Comments/in , /by

As the year hastens toward its final days, most organizations are gearing up for 2020 with a renewed sense of purpose and solid business strategies. While developing your strategy, you may have some concerns about the unknowns facing your business and industry. But if you are preparing your plan for the coming year without including your IT strategy and infrastructure needs assessment, you’re missing a core piece of your ability to remain competitive, differentiated, and functional. Does your IT strategy support your business strategy?

IT Deserves a Seat at the Planning Table

Business strategy and IT strategy are two sides of the same coin. Yet most businesses look at IT and IT investment as a cost, not an opportunity. Whether you’re launching new products in 2020, planning to hire new staff, rolling out an app, or adding a new location, IT strategy is an essential piece of every goal. Do your new products include IoT components? What resources will be required to launch a new product or service? What kind of equipment will you need to add new people to your network? How will you handle security and training? As you plan for changes, growth, and the future of your business, IT should be a factor in every decision. Your IT team – internal and outsourced – should be part of your planning process.

Proactive IT Planning Saves You Time and Money

If you don’t include IT in your strategic planning, ultimately it will still be something you have to deal with. Unanticipated needs and adjustments will just end up costing you more, slowing you down, or complicating your plans. Proactive IT planning is essential for ensuring that you can meet your strategic objectives. It forces you to consider how your current infrastructure and support will enable you to deliver on your goals, identify where gaps are in your IT support, and establish what will be required to accomplish your strategic plan.

A Symbiotic Relationship

The more closely you can align your IT to your business strategy, the stronger your organization will be. It’s not just about cybersecurity, although that is certainly a piece of the puzzle. It’s about having a mindset in which your IT infrastructure, security, technology, and assets are considered integral pieces of your entire business strategy puzzle and not simply an afterthought.

The ITeam partners with businesses to ensure that their IT strategies and business strategies align. We understand the challenges facing Canada businesses and are committed to helping Calgary- and Alberta-based businesses develop proactive, cost-effective IT strategies that minimize risk and maximize efficiency. Contact us to learn more.