Posts

The Cloud means no more stormy weather

Image
Many small firms are pretty busy handling their own business, and don’t give much thought to what they would do if a natural disaster from a bad snowstorm to much worse hit their physical location and cut power, or physical access to the building. What if the equipment storing all of your data and software needed to run day to day operations became inaccessible? What would happen to your ability to continue to serve your clients or customers?
Though we call it the cloud, with images of gray skies and rain, the cloud can be a ray of sunshine. It is an excellent and cost effective resource for smaller firms to make sure they maintain 24/7 access even in bad weather. Because everything is maintained off site, you can (1) bypass disruption or damage that may have occurred at your physical site, and (2) access what you need to keep your business functioning from any remote location.

Small firms need to realize they are most vulnerable to business disruptions, as they have less capital and fe…

Your front door is talking

Image
If you've been following the news, the Internet of Things is getting increasing attention. You’re probably also thinking this is some Silicon Valley fancy thing that will take years to reach the rest of us. Not really. You probably already have some items of your own tied into the Internet of Things. First of all, what is the I of T? Simply, it is any object that collects data about itself or its surroundings, and then transfers that data across a network to some other object, which can then make use of that data. For example, if you have a baby monitor that sends crib pictures from upstairs to your phone, you're tied into the I of T. But what about business people? Where is it showing up in the workplace? You may have security cameras tied to a network where they can be monitored by a PC or phone. A front door lock that can be remotely opened via phone. A thermostat that can changed by the same phone. Internal lights that go on when you phone approach. All of these are part of t…

NPO’s and volunteer security nightmare

Image
Not-for-profits have an unusual issue regarding security. Firms that have trained, paid full-time employees have a strong level of control over the actions of their workers. NPOs, however, may rely heavily on volunteers whose time in the office may be minimal and sporadic. You may feel grateful for their dedication and be less likely to subject them to rigid security training. Also, a threat of punishment for those who make inadvertent errors that create security risks isn't going to be acceptable in the “volunteer” environment. Though it may seem a waste of precious volunteer time, you need to consider implementing ongoing training and reminders to all volunteers about what they can do to protect your data and digital infrastructure. The 2 most common human errors are falling for phishing scams and bringing storage devices to your office and introducing them to laptops and other devices. Think of the volunteer who creates a brochure for you in their home office, then downloads it …

Security and your sub-contractors

Image
So you feel relatively comfortable that you have created cyber security around your data and your employees are trained to avoid security errors in their day-to-day business ( a MAJOR source of security breaches, by the way.) However, you may be overlooking one area where you are exceptionally vulnerable. What protection do you have from those you do business with? If you are a manufacturer, for example, you may have several vendors who provide components and raw materials. How careful are they about data security? Smaller producers and service providers may perceive themselves as not being a likely hacker target, which is incorrect. Small firms are significant targets for data hacking because they have access to larger firms. They can provide a “digital backdoor” to the firms they sell to. You need to work closely with all of your vendors to ensure that they are as serious about protecting their systems as you are. If you share digital information with your subcontractors, you open a …

Cyber Crime and Security for SMBs

Image
Did you know the illicit trading of personal data was worth $3.88 billion last year? Cybercrime is a growing industry known for its innovation. It goes far beyond the image many of us have of some hacker kid in his basement. Many who engage in this activity are professionals and work in large teams. Some may even be sponsored by governments. If you follow the news, you can find large corporations and even government agencies who have fallen prey to hackers and had massive amounts of data compromised. Unfortunately, this has led smaller firms to feel they fly below the radar. In fact, the opposite is true. Small businesses-especially those in regulated areas such as medical, financial, and legal services-need to be hyper vigilant about security. The cybercriminals' professional efforts will outdo your amateur efforts at security. As a small business, you are vulnerable for two reasons. First, serious hackers see small business as entrances into larger entities. Small firms that have…

Government regulations

Image
Any business that stores customer payment information must comply with a number of state and federal regulations. The legal, healthcare, and financial sectors have a number of laws tailored specifically for them (such as HIPAA or CISPA). If you run almost any kind of professional practice or agency you probably have very specific data security requirements. Running afoul of these regulations puts you at risk for legal action and probably means that you have bad security in place. As a professional, your focus needs to be on your clients and running your firm. Regulatory requirements to ensure data security can be complex and include rigorous testing requirements. Ensuring compliance with the regulations can be a serious distraction for you and take you into territory where your experience is limited. One of the best solutions is to work with a third party who has strong credentials in the area of regulatory compliance and data security. When you are working with a third party to set up …

Higher goals get dragged down by Tech: The NPO story

Image
If you are a smaller Not-for-Profit, it is likely that your organization has been driven from its inception by individuals strongly motivated with a passion for their cause or humanitarian goal. As a result, it is also possible that the leadership has little interest in developing the administrative technology infrastructure that is necessary for any organization to function in the internet age. Failure to understand and focus on technology can damage an organization's growth and success. However, NPO leadership has to be laser focused on the day-to-day struggles of the organization such as seeking funding, keeping the doors open, and pursuing the mission. As a consequence, technology infrastructure may be cobbled together as an afterthought; resource limitations may lead to short term tech decisions that can be wasteful and more expensive in the long term. An NPO, with its tight budget margins, is an excellent example of an organization that could benefit from outsourcing its funda…