5 Ways We Can Lower Your Chrome Device Costs

/in ,

As part of our ChromeCycle Program, we help you manage the total cost of ownership of your Chrome devices.

Here are five (5) ways we can lower the purchase cost for your next round of Chrome devices.

1. Preregister Your Purchase:

We can often secure preferred pricing when we preregister your intended purchase with your preferred Chrome device manufacturer. Letting your manufacturer know now how many units you plan to buy later helps them plan production and distribution. Some of those savings come back to you.

3. Competitive Bidding:

If you do not have a preferred Chrome device manufacturer, we can bid your intended purchased out across manufacturers and distributors to obtain the best purchase price possible.

3. Trade-In: 

Trading in devices at the end of their life cycle can lower the cost of refreshing your devices by as much as 20%. We can estimate trade-in value now, to help with your budgets for purchases later in the year

4. Buy-Back:

Even if you are not buying your refresh fleet from us, we can buy back devices you are retiring. The international market for used devices and parts can save you money.

5. Financing Services:

We work with multiple finance partners to offer both finance and fair market value leasing options. We can put your purchase financing out to bid to help get the best rate and terms possible.

Chrome Device Costs

Chrome devices are typically sold with a license included, which provides access to the Chrome operating system and management console. However, if you need to purchase additional licenses for your organization, the cost can vary depending on the type of license and the number of devices you need to license.

There are two main types of Chrome device licenses:

  1. Chrome Enterprise Upgrade: This license provides access to additional features and management tools, such as enhanced security, access to the Chrome Web Store, and support for virtual desktop infrastructure (VDI). The cost for the Chrome Enterprise Upgrade license is $50 per device per year.
  2. Chrome Education Upgrade: This license is designed for educational institutions and provides additional features tailored to the needs of students and educators, such as Google Classroom integration and content filtering. The cost for the Chrome Education Upgrade license is $30 per device per year.

When you sign up for a Chrome Enterprise Upgrade, you will get a free 30-day trail. Final prices are subject to change, and may vary by region. Please contact us if you have any questions about the specific pricing available in your area, and to best determine how much value a Chrome Enterprise upgrade will have for your unique situation.

Click here to learn more about our ChromeCycle services, or contact us for a no-obligation Cloud Advisor consultation.

 

The Cost of Downtime Explained in 7 Ways

/in

A recent survey found that 40% of small and midsize businesses (SMBs) experiences 8 or more hours of downtime due to a severe security breach within the past year. According to the National Cyber Security Alliance, 60% of SMBs who experience a significant data breach go out of business within six months. The highest cost of an unplanned outage is more than $17,000 per minute. The average cost per minute of an unplanned outage is nearly $9,000 per incident. These statistics are sobering. For many SMBs, however, the risks still feel foreign and not something that warrants action. To protect your business requires some knowledge and good advice, intent, action, small investments.

It is easier to rely on myths such as, “We are not a target for cyber attackers”, “We can run on pen and paper until we recover”, and “Our customers will understand” than it is to assess your risks and take action. Nevertheless, the risks are real and the number of SMBs hurt by downtime continues to rise.

The cost of downtime can vary depending on the size of the organization, the industry, and the nature of the downtime. Downtime can be caused by various factors such as power outages, network failures, software issues, or hardware failures. In today’s world, it’s essential to streamline security if you’re a SMB, and understand the consequences downtime can have on your business.

Here are seven ways downtime can damage your business:

1. Monetary Cost

Downtime leads to lost sales and lost productivity impacting top-line revenue and your bottom line. These costs hit your pocket in addition to the cost of recovery and returning to normal operations. If you need to calculate the average cost of downtime, our specialists can help.

2. Customer Trust

When you are unable to serve your customers, they lose faith in your business. While downtime for natural disasters is understandable, today’s customers have little tolerance for disruptions due to cyber attacks and breaches. Lost trust means lost customers.

3. Brand Damage

Your brand identity and reputation drives customer loyalty and growth. Service disruptions from technology failures or breaches sends a message that your business may be poorly managed and is unreliable. These messages lead to loss of goodwill and create negative impressions of your business in the minds of your customers.

4. Employee Morale 

Disasters due to data loss or breaches means employees need to perform double duties. Employees spend time on recovery while working to keep the business operational. It often requires additional work hours. Recovery can be stressful and demoralizing.

5. Business Value 

Businesses that suffer data breaches and service disruptions are perceived as poorly managed. With the potential financial liability, public companies can see stock prices fall. All companies can suffer a loss of business value.

6. Legal Action

Downtime creates the risk of legal action. This is particularly true for downtime that is perceived as preventable. System failures, data loss, security breaches, and other incidents can put your business in breach of contract. You may also be in violation of state and federal regulations, making proper data protection and security vital.

7. Compliance Fines & Penalties 

As information privacy and security regulations expand, data loss and breaches create the real potential for fines and penalties related to regulatory compliance, privacy, and data retention requirements.

These risks carry the potential for lasting damage. Whether by increased financial burdens or winning back customers, the impact of downtime extends well beyond getting yourself up and running again.

Is your business worth protecting?

Protecting your business will not break the bank. We offer practical, affordable cloud infrastructure solutions that help you and your team understand the risks, prevent problems from happening, and continue operating in the event something bad does happen.

If your business is worth protecting, contact us for a complimentary Cloud Advisor session to discuss how we can improve your business’ resiliency.

 

Customer Notice: Email Advanced Threat Protection

/in ,

Data Protection

(Updated January 20, 2020)

We continue to witness the devastating impact of ransomware, crypto attacks, and other forms of cyber attacks on our customers.  The recovery cost and frequency of attacks are increasing at alarming rates. The average cost for a small or midsize business (SMB) to fully recovery from a cyber attack has increased to between $145,000 and $180,000. This includes loss of direct business, remediation costs, damage to reputation, and employee downtime.  At the same time, the number of ransomware attacks so far in 2019 has doubled when compared with the same period in 2018.

As a managed cloud service provider, you have heard from us that you “should” have more protections in place. Our position is changing: these protections are a “must”.

Multi-factor authentication (MFA) and email Advanced Threat Protection (ATP) are necessary, baseline services for protecting your business. 

Beginning April 1, 2020, we will require and will begin adding Advanced Threat Protection to all of our customers’ email service unless you specifically opt out. If you opt out, the cost of our data recovery efforts will not be covered under our unlimited support plans (See our Support Services SLA). When we add ATP to your service, we will discuss with you when we can add MFA.

We will mitigate the cost.

We are sensitive to your budget.

  • ATP requires a technical setup and typically incurs a setup fee along with the monthly or annual subscription.  We are discounting both the setup and subscription fees for all customers. For customers requesting Priority Opt-In, we will waive the ATP related setup fees completely.
  • MFA implementation is covered by our support plans as an administrative change.  If you do not have on of our support plans, we will provide an affordable, discounted quote for the project.
  • For customers without an unlimited support plan and/or those that choose to Opt-Out, we will discount our hourly fees for recovery work.

For more information on specific discounts and pricing, and to let us know if you want to Opt-In, to have Priority Opt-In, or to Opt-Out, please visit this web page and complete the form.

We realize that this is a significant change for most of our customers.  We also understand the importance of these protections.  Please contact us with questions or concerns

Thank you for being part of our community,
Allen Falcon
CEO & Pragmatic Evangelist

Managed Cloud Security: 7 Ways to Keep Your Cloud Environment Safe

/in

Managed Cloud Security ServicesIn a recently published report, one of Forrester Research’s five key cloud predictions is that cloud management providers will tackle cloud security.  With the Capital One breach, the first major breach in a public cloud, the industry has a new focus on security and public cloud services. Small and midsize businesses (SMBs) are more likely to use public cloud managed services over specialty providers and private clouds. As such, SMBs need to focus on cloud management.

What is managed cloud security?

Managed cloud security refers to the practice of outsourcing the security management and monitoring of a business’s cloud infrastructure to a third-party service provider. This includes the implementation of security measures such as firewalls, access controls, and intrusion detection systems, as well as 24/7 monitoring and incident response. With managed cloud security, businesses can ensure the security and integrity of their data and applications in the cloud, while freeing up internal resources to focus on core business operations.
Managing cloud security risks involves a multi-layered approach to ensure the security of a business’s cloud infrastructure.  Effective cloud management can prevent holes in your security protections and save you money.

Cloud management, as a practice, formalizes access, licensing, usage, security, and spending for your cloud services. Instead of focusing on each cloud application or service independently, Cloud Management as a practice oversees and manages the big picture.

Seven key components of Cloud Management are:

  1. Document which cloud services are needed and used based on each person’s role within the organization
  2. Based on need, determine the level of access for each person/group based on their roles and responsibilities
  3. Understand and document subscription and licensing rules for each service, to ensure you can optimize subscriptions and spend
  4. Create standardized on-boarding work flows to ensure new employees and those changing roles are
    • Provided access to only the cloud platform services they need
    • Are assigned appropriate access to features, functionality, and data within each system
    • Access to data is consistent across cloud services
  5. Create standardized off-boarding work flows to ensure:
    • All cloud services accounts are deactivated, preventing orphan accounts from being left open
    • Data within each cloud service is archived or transferred to other user(s), preventing data loss
    • Cloud subscriptions/licenses are modified to prevent unnecessary costs
  6. Track licensing and subscriptions to:
    • Adjust your subscriptions to match your need, as allowed by each cloud service
    • Identify and remove unused licenses
    • Understand and manage your spending
  7. Actively search for, identify, and manage use of unauthorized cloud services to:
    • Minimize or eliminate “Shadow IT” risks with respect to security, data loss, and compliance
    • Identify and move users from duplicate services to authorized services
    • Provide training on authorized apps and services, preventing the need to use other services
    • Identify cloud services needed or wanted by staff, but not yet available through and authorized app or service

By applying the basic tenants of cloud management you can reduce your security risks, optimize your services and licensing, and better manage your spend.

FAQs

What are the three key areas for cloud security?

  1. Data Security: This involves protecting the confidentiality, integrity, and availability of data stored in the cloud. It includes measures such as encryption, access controls, and data backups.
  2. Network Security: This involves securing the network infrastructure used by cloud services, including firewalls, intrusion detection/prevention systems, and virtual private networks (VPNs).
  3. Application Security: This involves securing the software applications running on the cloud infrastructure, including secure coding practices, vulnerability management, and web application firewalls.
By focusing on these three key areas of cloud security, businesses can effectively address the most critical security risks associated with the use of cloud services.

Cumulus Global offers Cloud Management tools and services.  Contact us for a free, no obligation Cloud Advisor session to learn more.

 

Chrome Device Lifecycle Update

/in

Like any hardware, Chrome devices have a useful life.  Per Google’s policies:

  • Every Chrome device receives regular updates from Google until it reaches its Auto Update Expiration (“AUE”) date, subject to support from component manufacturers. When a device reaches AUE, automatic software updates from Google will no longer be provided.

  • Chrome devices that have not reached their AUE date will continue to receive OS updates and function with Chrome Education Upgrade and Chrome Enterprise Upgrade (a.k.a Chrome management licensing). After the AUE date is reached, existing and future policies may not work as intended, and technical support will not be provided.

  • Google will publish a model’s AUE date after its release, giving buyers time to make purchase decisions. Please check the AUE date when making a purchasing decision.

For your convenience, we are providing a link to Google’s Chrome Device Auto Update Policy here on our site.

Cyber Protection: Time for New Best Practices to Safeguard Your Business in the Digital Age

/in

Cyber ProtectionAccording to a recent survey* of IT service providers, ransomware attack downtime costs 23 times more than requested ransom. The average ransom for small and midsize businesses (SMBs) victims jumped 37% to $5,900 from 2018 to 2019.  And lastly, the average cost of ransomware downtime jumped from $46,800 to $141,000, an increase of more than 200%. This underscored the importance of having cyber protection protocols in place in an increasingly digital age.

To add to your cyber security concerns, SMBs fall victim to cyber crime and ransomware attacks even when they have traditional antivirus, email/spam, ad/pop-up blockers, and endpoint protection in place.  67% of IT service providers report their SMB customers fall victim to phishing emails; 30% report that most customers still rely on weak passwords and access management.

The Need for a New Approach to Cyber Protection

Traditional cyber security solutions are no match for many cyber attackers. We need a new modernized approach to ransomware, with business continuity at the core.

Using business continuity as a guiding principle drives new best practices for preventing and responding to cyber security attacks. With a business continuity mindset, you focus on what is needed to keep the business running, and how quickly you can “return to operations”.  When we discuss business continuity, we understand that we need to take steps to prevent disruption, mitigate the scope of potential disruptions, respond effectively when disruptions happen, and have the systems and processes in place to recover quickly.

For over a year, we have promoted and refined our Security CPR® managed security services and model to help ensure appropriate data protection and security.

Implementing Security CPR® Managed Security Services Can Help Combat Cyber Threats

Communicate and Educate: Involve everybody in the solution by educating your team on the risks, how to spot and report fraudulent content, and how their behavior can prevent or help an attack.

Protect and Prevent: Implement multi-layer, multi-vector protections that focuses on your people (identities), data, applications, and systems. Our data, our businesses, no longer sit comfortably hidden in a computer room behind a firewall.

Respond and Recover: No defense is perfect. Have services in solutions in place that let you recover and return to operations within a time frame that protects the health of your business. More than getting data and systems back on line, put in place the forensics, legal, public relations, and customer service resources you will likely need in a cyber attack emergency.

Here are 10 Actions you can initiate today to improve your cyber protection:

  1. Ensure your computing environment is protected across multiple attack vectors: Identity, Endpoints, User Data, Cloud Apps, and Infrastructure.
  2. Deploy multi-factor authentication, advanced threat protection, next-gen endpoint protection, and DNS/web protection across your ecosystem for a comprehensive baseline or protection.
  3. Encrypt your data at rest and in transit.
  4. Educate your team on the risk and how their actions can impact the business.
  5. Actively manage your cloud and “as-a-Service” subscriptions, standardize on-boarding and off-boarding of staff and contractors based on role, application needs, and appropriate access to data.
  6. Understand how your team uses your business and unauthorized (“shadow IT”) applications and services.  Reign in shadow IT by ensuring your business systems provide staff with the necessary capabilities.
  7. Test your staff’s behavior related to cyber attacks and follow up with additional coaching and guidance. Discipline and, if needed, terminate those who are unwilling or unable to adapt to the current realities of behavior and risk.
  8. Upgrade from data backup/recovery to a business continuity solution that will get you up and running in minutes or hours, instead of days, should an attack get past your defenses.
  9. Arrange in advance for the legal, forensic, PR, communications, and customer service resources you need to respond to an attack with a potential or actual data breach.  Prepaid breach response services give you nearly instant access, reducing your risks and liability while bundling in baseline cyber insurance coverage.
  10. Get cyber insurance, either a baseline policy bundled with Breach Response services and/or a fully underwritten policy from your business insurance provider.

Please contact us for more information about your cyber protection, available assessments, and solutions. We are happy to schedule a free, no obligation Cloud Advisor Session.

* Global State of the Channel Ransomware Report. Datto, Inc. Oct. 2019.

 

Cyber Insurance vs. Breach Response: Why Not Both?

/in

Cyber AttackIf you’re debating between cyber insurance and breach response, you should consider getting both to be fully protected. For example, cyber liability insurance covers monetary losses as well as legal protection in the event of a breach. A data breach response plan, on the other hand, will provide you with immediate resources to combat the cyber attack and protect your financial interests.

There is a large discussion, and no small amount of pressure, for businesses to obtain cyber insurance policies.  Articles appear in a range business and technology publications, from the Memphis Business Journal to the Wall Street Journal, and from Inc. Magazine  to Forbes. But getting the right cyber insurance policy is not easy, and can be costly. And while cyber insurance helps cover damages, many policies do not provide immediate assistance with managing your response to an attack or data breach.

Cyber Insurance

For SMBs, three key cyber insurance considerations are the barriers to entry, coverage exclusions, and coverage delays.

  • Barriers to Entry
    • Most cyber insurance policies go through underwriting to determine coverage limits and premiums. This means the insurer will want to review and audit your security related policies, procedures, and technologies. Insurance carriers may also demand that you invest in new or additional measures in order to qualify for a policy or to ensure the premiums will be affordable.  For many small and midsize businesses (SMBs), this process requires specialized skills, time, and money. Many SMBs will need to spend over $5,000, with some spending up to $20,000, in order to pass the underwriting process.
  • Coverage Exclusions
    • Cyber insurance claims are routinely reduced or declined due to non-compliance with policy requirements.  Even after the underwriting process, most cyber insurance policies include dozens of security requirements that must be in place and properly maintained.  Any gap or misstep can be costly.
  • Coverage Delays
    • If your business is the victim of a cyber attack, your response has legal requirements and requires specific technical expertise. Claims processing can delay your ability to secure the resources you need for hours or days.

Clearly, cyber insurance one piece of the solution, along with appropriate security measures.

Breach Response

Having a Breach Response plan and resources in place will save you time and money.

In any cyber attack, start by assuming the attackers have stolen information.  If an attack can encrypt your files, it can steal under-protected files and data from your systems.  With a data breach, federal and state laws dictate a range of reporting and communication requirements that, if missed, can trigger fines and legal action. With a data breach, you need a range of expert resources and you need them quickly.

  • Legal Expertise fluent in cyber security laws and regulations helps ensure you comply with reporting and communication requirements to minimize your legal and financial exposure.
  • Forensics Expertise can identify the cause, timing, and scope of the attack and any breach, and can help validate that the issues allowing the breach have been resolved.
  • Public Relations Services will help you communicate with employees, vendors, customers, and as is often the case — the press. Providing accurate and appropriate information can protect your business relationships and your public reputation.
  • Contact Center Services provide a place for customers, vendors, and associates to call for timely and accurate information.  You are further protecting your business relationships and reputation.
  • Credit Monitoring for individuals whose personal or business information may have been compromised can reduce litigation risk and may be required by law.

Final Thoughts on Cyber Insurance vs. Breach Response

While cyber insurance policies generally cover these services, most do so as part of the claims approval process. As such, you may be out of pocket for thousands of dollars and fighting for reimbursement once your claim is processed.

By subscribing to a Breach Response service, the resources and expertise you need are available instantly,  7×24, without any additional cost over the monthly or annual fee.  These services often include basic cyber insurance policies that do not require any underwriting.  For many SMBs, the annual cost of this type of Breach Response service, with basic cyber insurance coverage, is significantly less than the cost of the underwriting process for a traditional cyber insurance policy.  Additionally, you can use this policy for coverage until they completing a policy with underwriting, or to cover initial loss coverage under a higher deductible (lower premium) traditional cyber insurance policy.

For more information about Breach Response Services and affordable Cyber Insurance, please contact us for a no obligation Cloud Advisor call.

 

Tech Leadership: Focus on Business Success

/in

Cloud StrategyThe tag line of a recent ZDNet article says it all:

Tech leaders have to support how their business generates revenues and profits if they are to be taken seriously.

As reported in the article, KMPG reports that 76% of CEOs want their technology projects to “make” rather than “save” money.  And while this data is from a survey of large and mid-market enterprises, we understand the small and midsize business owners and decisions makers want the same results. Cloud gives you the ability to reduce resources needed to manage and maintain IT infrastructure, which can free up resources for IT solutions closer to the revenue stream.

Your mindset as a business leader should remain on Business Outcomes; your IT service provider should have the same focus.

Whether you are the IT decision maker, you have a CIO or IT Director, or you rely on an IT service provider for strategic guidance and tactical solutions, here are some ways to rethink and redirect your IT direction and value.

  • Identify the biggest challenges in your organization: Start by understanding what your business wants to achieve and the most critical roadblocks. These are most often business, not technology, issues. Technology, however, provides the tools needed to overcome challenges and enable opportunities.  Let desired business results guide your technology strategy and drive specific projects.
  • Focus on how to develop new business models: Think beyond how a new technology can cut costs.  Explore and evaluate how emerging technologies, such as AI and Machine Learning, can enable your business to rethink “how” you work and how you manage revenue streams.
  • Use information to create a more efficiency: Take advantage of new business intelligence tools that empower you to convert your data into useful, actionable information.
  • Remember that “Digital Transformation” is a process, not a solution. Rethinking your business processes to better leverage cloud and new technologies continuous effort. Remember that new apps, tools, and templates need to adapt as you learn more and as your business needs and priorities change.
  • Pick the right partner: We are past the “one and done” era of IT solutions. Your environment needs to evolve with you business, your employees, and your partners.  Pick a partner that can stay with you for the long-haul.

Cumulus Global focuses on “Cloud Forward” IT solutions that support your desired business outcomes.  Contact us for a complimentary Cloud Advisor session to discuss your business goals, challenges, and priorities.

 

Manufacturers Beware: Attacks on Industrial Equipment are on the Rise

/in ,

Automation Cyber SecurityWe have seen the issue ourselves: A malware attack crosses the bridge from your network PCs to the controllers in your industrial machines. Your shop floor comes to a halt until you can recover. The effort is painful as you deal with embedded and stand-aside controllers running out-dated versions of Windows, limited network options, and compatibility issues.

The risk is so great, that ZDNet is reporting that the world’s largest and most well-known hacking contest, Pwn2Own, will focus on software for industrial equipment.  Reflecting the reality of current threats, the sponsoring organizations and the “white hat” hackers themselves see an urgent need to bring the issue of protecting your industrial equipment to the forefront.

Fortunately, best practices can help protect your operations.

While it is not always possible to protect your industrial equipment with “next gen” endpoint protection, you can take steps to protect yourselves from potentially devastating attacks and accidents.

  • Segregate
    • The network on which your production systems run should be physically or logically separate from other networks — office, voice, etc. — running in your business.
  • Isolate
    • Unless the equipment needs to communicate with the manufacturer, cloud-based systems, or other locations, the production systems network should not have paths to the outside world.
    • If the equipment needs to communicate externally, setup secure VPNs for all traffic.
  • Maintain
    • Whenever possible, update and maintain your industrial systems to run current versions of the manufacturer’s software and the underlying operating system.  Too many production machines are running obsolete versions of Windows that cannot be secured from attack.
  • Scan
    • Before moving any software or programming to a system, explicitly scan the files for malware.
  • Educate
    • Communicate with your employees about the risks and steps they can take to prevent a cyber attack to your industrial equipment as well as their computers and other devices.

Please contact us for more information or to assess your risk and discuss solutions.

 

Risk and Reward – Protecting the Value of Your Business

/in

Business ContinuitySeveral weeks ago, in a town not far from our headquarters, a massive fire destroyed a building housing six small businesses.  Our local business journal followed up a few weeks after the disaster with a poll asking business owners how prepared they are for a major disaster.

  • Fewer than 50% of responding business owners feel that they are fully insured, have an emergency plan, and could be up and running in a few days.
  • 39% feel that it could take a month or so, but they could eventually reopen
  • 17% felt they would be out of business or would required state and local aid to survive

While not a scientific sampling, the results are alarming.  Alarming for a few reasons:

  • Even with insurance, it can take days or weeks to get authorization so you can move forward with your emergency plan.  Securing a new location and replacing fixtures, inventory, etc. takes time, as does recovering computer systems and data.
  • More than 50% of businesses closed for 7 days due to a disaster fail within 6 months of reopening.  While many businesses might re-open in a month, the future will be challenging.

Your Risks are Yours

A major fire in a block of retail and service businesses creates specific challenges, as do storms and floods.  Many more businesses, however, experience disasters equal or greater in scope even if they do not have the same level of physical damage. Some examples we have seen.

  • A distributor of customized office supplies lost all electronic business records for the past three years when they where hit by ransomware. The attack corrupted their on-site backup servers as well as their main file and database servers.
  • A news publisher lost all of their physical servers, firewalls, and networking equipment when a sprinkler head failed in their small equipment room.
  • A small plastics manufacturer lost the ability to use their process control systems when embedded Windows workstations were corrupted by a malware attack.

In each of these examples, businesses with customer commitments, production schedules, and deadlines were idled for days. For some, full recovery can take months.  Beyond the hard cost of recovering systems and data, these businesses suffered from soft cost losses.  Missed customer commitments, delayed invoicing and collections, and the time employees spent on the recovery effort all have lasting impacts on your business.

Business Continuity is a not just a good idea, it is a responsibility. 

As business owners, our employees, vendors, and customers count on us.  While people can empathize with the impact of a fire, there is less understanding for businesses that fall victim to cyber crime.  Malware, phishing, ransomware and other attacks are generally preventable when your team is alert and aware of the risks and when you put reasonable identity, data, and system protections in place. And since no protection is perfect, you need to be able to recover quickly enough for your business to continue operating smoothly.

Here is some food for thought:

  • Know Your RTO:  Understand how quickly your business needs to Return to Operational.  Maybe you can work on paper for a few days. Maybe you need to be up and running in a few hours because you are at a standstill until systems are back online. Your RTO goal will guide your decisions on what protection and recovery/continuity services are the right match for your needs and budget.
  • Assess Your Risk: Understand the different disaster scenarios and how they may impact your business.  Think about physical issues, such as loss of power and catastrophic system failures, as well as other disruptions, such as cyber attacks and potential actions by a disgruntled employee.
  • Watch Your Flank: Asses how different types of threats could impact your business.  We are beyond hiding our computers behind firewalls. We still have physical threats, but we also have threats focused on networks, user identities, access control, third party services, and data sources and services. Each threat vector needs a plan for protection, response, and recovery.
  • Factor in Humanity: We used to talk about balancing security with ease of use.  Today, the humanity equation is different as most IT disasters take advantage of human factors like our fundamental desire be helpful when asked. In many ways, your team is your best defense. They need to understand the risks, the methods of manipulation, and the signs that something is not quite “right”.  Your team needs to understand the value of inconveniences like multi-factor authentication and enhanced privacy and access controls — that these protect them as well as the company.

Your next step.

Contact us.  It is time for a serious conversation about protecting the value of your business.  A basic assessment of your business continuity profile will identify risks and gaps. From there, we can discuss improvements and their business value so you can make informed decisions that balance your risks, needs, and budget.  Business Continuity solutions — from disaster prevention through recovery — do not need to bust your budget.   For most business, changes in security settings on existing systems paired with modest, incremental services provide the protection and recover-ability you need.