Posts

Showing posts from August, 2018

Password basics people still ignore

Image
    You can have all the locks on your data center and have all the network security available, but nothing will keep your data safe if your employees are careless with passwords.    Change Passwords - Most security experts recommend that companies change out all passwords every 30 to 90 days. Require passwords that mix upper and lowercase, number, and a symbol. Teach employees NOT to use standard dictionary words ( in any language), or personal data that can be known, or can be stolen: addresses, telephone numbers, SSNs, etc. Emphasize that employees should not access anything using another employee's login. To save time or for convenience, employees may leave systems and screens open and let others access them. This is usually done so one person doesn't have to take the time to logout and the next take the effort to log back in. Make a policy regarding this and enforce it. If you see this happening, make sure they are aware of it. These are just a few basic pa

The Cloud: Are there security issues

Image
    The Cloud: Are there security issues?   For many, the idea of offloading their data to another physical/virtual location can seem like a security risk. It seems counter intuitive that moving data away from “ home” is safer. But is that really true? Any server stored at your location is probably more physically vulnerable than one protected in a large server farm. If you had a fire, flood, or other physical damage that included damage to your server, what would be the result? Also, are your backups stored on–site? If a major event damaged your entire physical location, those backups would be also lost.   There is a second reason the cloud may be safer: security. All of your data, no matter where it is located, may be vulnerable to cyber attacks and data breaches. However, cloud storage providers probably offer some of the most sophisticated security projection available. It is unlikely that a small or even mid-sized firm has the internal resources and research capacity to maintain a

How the cloud saves smaller firms money

Image
   How the cloud saves smaller firms money   OK. You pay someone to store all of your data in the cloud, as opposed to keeping it on your own server and backing it up. And you pay on an ongoing basis. How is that possibly going to be cheaper than just making a one-time investment and keeping it your self?  Let’s count the ways:   (1)  You lose the hardware expense –a capital expenditure cost. (2)  If that hardware fails, you are out in the cold.  (3)  Someone has to maintain that hardware. In house IT labor is expensive.  (4)  If you need more capacity, you have to ramp up at a tiered level, which means you may need to buy capacity you don’t presently need  (5)  All of that hardware runs on software, which costs money  (6)  All of that software needs to be installed, updated, etc. (see # 3)  (7)  All of that hardware and software has to run 24/7. Are you large enough to pay for in house monitoring and support 24/7? (See again #3)  (8)  All of that data has to be protected with security

Data regulation and our business: You are probably regulated these laws

Image
    Data regulation and our business:  You are probably regulated these laws   Small firms are probably aware that there are laws regulating the handling of data, but they probably assume that these apply only to larger firms and that they are too small to have any data that is worthwhile or protected under state/provincial or federal laws. Think again. Data protection laws generally worry about the content of your data, not the volume of it. That is, you don’t need to have “tons” (not the technical term) of data to be to regulated by data privacy laws. If you maintain personally identifiable information (PII) you may be regulated by these laws which may include penalties and fines for non-conformance. PII means you store a person’s first name/initial, last name and then link it to another piece of personal information, such as, but not including:   Social Security Number Driver’s license, or state ID Passport Some financial account number, e.g. credit/debit card, checking account, etc