Jackson County Georgia (population of approximately 65,000) just paid a $400,000 ransom to a cyber criminal to recover from a recent ransomware attack. Paying the ransom was determined to be the lowest cost alternative for restoring the county’s IT systems. Wow!
All I can say is make sure you have a modern back-up and disaster recovery system in place that has the following components:
1. Automated – do not rely on a person to perform back-ups
2. Redundant including a secure, off-site location
3. Recovery time (meaning back in operation) should be minutes not days, weeks or more
4. Monitored and tested – be certain your back-ups are complete and successful
If you’re confused about how to get all this in a system, I can help. RSPN offers a program that will provide your business with all of this for a manageable monthly payment. Contact us today to learn more.
If you only read the first paragraph of this article, it should be enough to raise a concern about cyber security in your business. – “with some countries now basing their economy around cyber crime.” – Looks like we have a lot of work to do to defend our businesses.
If you are using Office 365 in your business, having a back-up and recovery solution can be critical. Check out this article to learn about some of the limitations of Microsoft’s O365 restore system. You may want to consider a better solution. Click the image below to read this informative article.
If you’re not worried about Cyber Security you should check out this article about a new “Ransomware-as-a-Service offering. Any criminal can get a membership for $90 and the service will provide them with everything they need to launch a ransomware attack, from providing the Ransomware to receiving payments. Pretty scary stuff.
Imagine you have a pile of cash that you use to buy all the things in your life that you need to survive. You buy your food, pay your utility bills, pay for your home and use it to purchase everything else you need to continue living your current lifestyle. Pretend for a moment that there are no banks so everything you need to purchase you pay for from this stack of money. Are you with me? No credit cards, no checking or savings account, just a stack of money that you must protect.
Now imagine where you will keep this money. It’s probably safe to assume you are thinking of some sort of structure like your home or business, someplace protected from the elements so your cash doesn’t get damaged or lost.
Let me ask you this, does your structure have doors? Are the doors locked? Are they wooden doors with a simple lock or steal doors with multiple deadbolts and locks? Is there a guard dog inside in case someone gets past the locked door? Do you have a security system with cameras and an alarm to further discourage an intruder from stealing your cash? Is your money stored in a safe? Maybe you have even hidden the safe so it is not immediately clear where your money is at. Remember, this money is all that you possess to get the things you need to survive.
If you can clearly understand the magnitude of losing your money in this scenario, it is probably safe to say that you will have as many of these layers of security in place as possible to keep someone from getting to and taking your money. Okay, so your money in this hypothetical story is secure. You feel safe that nobody is going to take it from you.
Okay, now please join me back in reality. What about all the data on your business computer network? Our society has changed how we buy things. Sure, we carry some cash for purchases but many of our financial transactions occur online so access to completing these transactions becomes as valuable as that stack of cash we had in the previous scenario.
Now think about your business. Do you use an accounting program to bill your clients and pay your vendors? Do you keep your customer contact information stored on your network? How about trade secrets like your pricing, your advertising creative plans or even design or engineering work that sets you apart from your competition? Essentially everything you need to continue operating your business resides on your computer or elsewhere on your IT network.
What protection have you put in place to protect all your critical data? An anti-virus program, a firewall, is that enough? Is your data backed-up? Are you sure? What would it take to get back to business from your back-up if you lost your data? Doesn’t it make sense to have as many layers as possible between your data and someone attempting to steal, destroy or deny access to your data?
This is exactly what the phrase multi-layered security means in the world of information technology. Unfortunately, there is a disconnect for most people when they think of IT security because they simply do not understand the technology. They don’t think about digital security in the same manner as physical security so they buy a couple of inexpensive security solutions and figure they are safe.
Think for a moment about that safe with all your money in it. How secure would you feel if you knew that everyday someone would discover the combination to your safe? Would you feel secure with only the other layers in place or would you change the combination each day just to make sure that if someone got through the locked steal door, past the guard dog, beyond the security system and located where the safe was hidden, they still wouldn’t be able to open the safe?
Cyber security is much more complex than physical security because there are so many paths to accessing your data. Well-funded, organized crime groups and nation states are employing top talent to continually develop new ways to get past network security. Cyber crime is an extremely lucrative business and low-hanging fruit (networks without multiple layers of security) are squarely in the cross-hairs of these criminals. The best strategy to combat this threat is by putting as many layers as you can between the bad guys and your critical information, then keeping those layers updated constantly.
Recently I read an article comparing network security to the story of the three little pigs. In keeping with the theme of a fable, let’s go back to that stack of money that you use survive. Imagine the Big, Bad Wolf wants to steal your cash.
Do you build a house using straw (like using cheap or free security solutions to protect your data)?
Do you build a house using sticks (you have invested in a few security layers like a firewall, a subscription anti-virus and spam filtering)?
OR…would you build your house with bricks (your business has all the security of our stick house, but has hired experts in data security to implement many more layers to proactively protect your business from a data breach, theft, denied access and a devastated reputation)?
You learned the lesson as a child. If you cut corners on protecting the very thing that keeps you (or your business) alive, you leave yourself exposed to the Big, Bad Wolf (Cyber crime). Implement a professional, multi-layered security strategy today before that nasty wolf huffs, and puffs, and blows your house down (or destroys your business).