Home » Blog » offsite backup

Tag: offsite backup

Hackers, Ransomware, and Malware. Oh, My!

Is your company protected?

These attacks continue to rise. They are targeting more and more small businesses. 1 in 5 small businesses will suffer a cyber breach this year. 97% of breaches are preventable. There are affordable solutions to protect yourself.

These are some things that you and your IT company should talk about implementing:

  • Backup — Backup. Backup. Backup. You should have onsite and offsite backups. Consider full operating system disaster recovery and testing. These should be monitored and tested frequently.
  • Updates — Update everything! Software, firmware, and operating systems. If you are running on unsupported or outdated systems you are asking for trouble.
  • Spam email prevention — This is one of the main sources of attacks. You need to train your employees and have a spam filter in place. Even if you are using a service like Gsuite or Office 365, you should consider using additional protection.
  • Passwords — Everyone hates passwords but they are a necessary evil. At the very least you should make sure they are long and not easy to guess. We recommend changing your passwords every 90 days. And please don’t use the same passwords everywhere! All it would take is one breach to loose all your data. There are tools available to help keep track if you are like me and have 300 of them.
  • Multi-factor Authentication — Consider using this everywhere you can. If your password is stolen, this adds another layer of protection to your data. Avoid SMS/Text if possible as these can be intercepted.
  • Advanced endpoint security — Simple definition based anti-virus is not enough anymore.
  • Firewall — Make sure built protection systems are enabled and the log files are being monitored.
  • Encryption — This protects hackers from accessing your data via stolen hardware. Mobile devices (phone, laptop, tablet) should always be encrypted. Consider encrypting at rest data and devices as well.

5 Tips for DIY Small Business Tech

First, the disclaimer: I do not advocate DIY small business tech. I highly recommend having a computer consulting company help you design and support your IT system. Of course, I would say that because that is how I make my living. However, I am a business owner too and if there is one thing I have learned, it is that you can’t (or shouldn’t) do everything yourself. An IT firm will save you time and money and can work with your budget. Since some of you are going to try to be a DIY small business tech anyway, here are some tips to help out.

Tip # 1 – Backup!

It is very important to make sure you have multiple backup systems in place. Beyond the obvious chance of data loss due to a system crash or hardware failure, there is the constant threat of malware and ransomware.

If you are mostly cloud based, make sure to export or download your data to somewhere local and then backup that data to a secondary system or device. If you are mostly internal, you should have an online backup and a local backup. If you do not want an online backup for security or cost reasons, you should have an offsite backup. This means you should have at least one backup device that you take away from your primary place of business at least once per week.

It doesn’t hurt to have all three (offline, online and local) backup. Some of the new malware and ransomware is extremely sophisticated. The more backups, the better.

Tip #2 – Security!

Some small business owners think “it will never happen to me” or “how can I afford to protect myself if these big companies can’t” or “Who would want our data?” It is your responsibility to protect you, your employees and your customers. In some cases, you can be held accountable if you have not taken reasonable precautions to protect your system. Criminals are targeting small business just because they are generally easier to break into.

This doesn’t means that you have to spend large amounts of money. A reasonably safe system can be built on a limited budget without any real monthly costs. If you want to build your own security system, look into pfSense, and Ubiquiti Networks. I strongly recommend purchasing antivirus and not using a free version. Kaspersky, Symantec, Sophos or any of the more popular security companies are better than the free versions.

Do not forget to use strong passwords and if possible multi-factor authentication.

Keep your devices, systems and software up to date.

Limit employee access to data and information and limit authority to install software

Tip #3 – Spend time researching your software

I have a client that was very disappointed after they moved to a cloud version of their favorite accounting package. They had decided to do this without consulting us. Don’t get me wrong; there are some great SaaS (software as a service) cloud systems out there, but there are differences from your favorite desktop version. In this particular case, the online version only allowed one company per account, and they wanted control of your data. One client wanted to switch back to the desktop version, and they had to re-enter one month worth of data because the online version would not give them their data back even though it was the same brand.

The point is, take your time and research thoroughly before committing to a new product. If possible, take advantage of the trial software and setup a test system. Read the fine print. There also may be free open source software they could just be what you are looking to help run your company.

Tip #4 – Do not neglect your network

Please do not tell me you are running your high-speed cable system and brand new desktop PC through a circa 1999 Linksys firewall/router and eight port hub. Network equipment must be kept up to date. That Linksys router and hub are making your internet system very slow and unsafe. If your equipment is really that old, you may need new wiring as well. This may sound expensive, but you are losing productivity due to your slow network. Even if you equipment is only five years old, there can still be speed and safety concerns.

Also, wireless technology is becoming more and more crucial to small business, and if your wireless system is more than a few years old, you should consider upgrading that as well. There are faster and more reliable systems at affordable prices. You need solid wireless coverage and should offer a guest version to your employees and possibly your clients unless you want to take on the security risk and burden of monitoring their devices in your network as well.

You should avoid consumer class networking equipment. The price is right, but they lack the security features and performance you need.

Tip #5 – Don’t buy cheap computers

I know you want to save money, but cheap computers or devices from your favorite big box store will cost you more in the long run. They usually do not last as long. They are slower and less productive from the start. They generally come loaded with software you do not need. They also usually do not come with the pro version of windows. The Pro version has extra security features the other versions do not. For example, Window 10 Pro has encryption options built in. Business class PCs have longer warranties and better parts so they will last a long time.

5 Tips for DIY Small Business Tech - NEPA