Posts

Prevent AI Data Leaks with the Right Tools

/in , ,

As leaders of small and midsize organizations, we need to operate efficiently and effectively within a range of security constraints. Laws, regulations, industry standards, and contractual obligations set expectations and, in most cases, impose requirements on how we manage and run our business and IT. Now, artificial intelligence (AI) adds a new layer of security challenges.

AI is most effective when it has access to a broad range of relevant information. However, that access must be carefully limited to authorized users, creating a delicate balancing act.

AI data leaks occur when AI tools and systems expose information to unauthorized users or share it inappropriately. These leaks can happen internally or externally, and may be accidental or intentional.

Preventing AI data leaks requires actively governing permissions and access, along with choosing AI tools that align with your security and privacy requirements.

Setup AI Data Governance

The days of “set and forget” permissions are over. At the macro level, AI data governance requires actively managing access controls and permissions settings.

Begin by reviewing and auditing your current access controls and permissions settings. It is common for users to rely on default sharing settings or to adjust permissions for convenience, often extending access inappropriately. While people may not actively search for and find private information, AI will.

Running an audit tool and resetting permissions can help close these gaps and provide a fresh starting point. Once permissions are properly configured, advanced security tools enable ongoing monitoring to identify new threats as they emerge. These tools can notify users and administrators of potential issues and modify permission changes to reduce risk.

Pick Secure AI Tools

With data access controls and permissions properly secured, the next step is ensuring that the AI tools and systems you use do not put your data at risk.

When selecting AI tools, look for the following attributes:Connect with a Cloud Advisor

1. Adheres to Security Standards

Include security as a critical criteria when selecting your AI tools and systems. Verify that the AI tools you pick adhere to industry and regulatory security standards.

2. Does NOT Train Models Without Permission

Never use an AI tool that trains their models without your permission. These tools effectively absorb anything you input and incorporate it into their models, potentially exposing your data to other users.

3. Does NOT Allow Human Data Review Outside Your Domain

Avoid AI tools and systems that allow humans outside of your organization to see or use data you have entered into the system. Even if these systems are not using your data to train their models, if others can see it, then it is not secure.

4. Does NOT Sell or Use Data for Other Purposes

Choose AI tools and systems that do not sell or use your data for purposes beyond providing the service. Outside of training, some AI tools mine data for sale to others for research, marketing, and other purposes.

The general rule of thumb is: If you pay, your data is private. If the tool is free, so is your data.

However, some paid AI tools still include terms and conditions that allow data collection and usage. Before moving forward with any AI tool or system, always check the fine print.

How We Help

Schedule an intro meeting with one of our Cloud Advisors. Our team can discuss how you can assess your risk, create effective policies, and select tools that deliver productive, secure, and affordable AI solutions. The meeting is free and without obligation.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with productive, security, and secure managed cloud services. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped hundreds of organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience and effective change management.

Small Business Summer Savings

/in

Small businesses and solopreneurs depend on their technology in ways that differ from larger organizations. Our laptops and desktops are critical to daily operations and access to cloud services, including Microsoft 365 or Google Workspace, is our lifeline. Without IT staff and spare equipment, we rely on our own abilities and outside help to keep things running and to respond to problems. Too often, we face disruptions and unexpected costs. Our Small Business Summer Savings options give you protection and security without busting your budget.

The Need

To ensure the availability and reliability of our IT services, small businesses need to protect their systems and be able to quickly recover should something bad happen. Essential services should:

  • Prevent malware, phishing, ransomware, and other cyber attacks
  • Protect files and data on computers and in the cloud
  • Secure access to systems and services
  • Help you and your team with issues, problems, and questions

As important, when something does go wrong, we need to be able to return to work quickly and efficiently.  We cannot sit idle for the 3 to 7 days it can take to repair or replace and restore a laptop.

The Services

Cumulus Global’s Managed Cloud Services provide the security, protection, and support services you and your business need.  Our Essential and Basic packages tailor to the specific needs of small businesses.

Our PC Continuity solution goes beyond backup/recovery for laptops and PCs.  In addition to backing up your files, we capture images of your entire system. In an emergency, we can spin up the image of your computer in a cloud data center.  Within a few hours, you are up and running from any device with a browser and Internet access.  You business keeps running while your computer is fixed or replaced.

The Offer

Through August 31, 2023, bundle our Essential or Basic Managed Cloud Services with our PC Continuity solution and save:

  • No setup fees
  • Up to 30% on monthly recurring fees for the first year

The Action

To learn more and get a quote, click here to schedule a call with a Cloud Advisor or send us an email.

About the Author

Allen Falcon is the co-founder and CEO of Cumulus Global.  Allen co-founded Cumulus Global in 2006 to offer small businesses enterprise-grade email security and compliance using emerging cloud solutions. He has led the company’s growth into a managed cloud service provider with over 1,000 customers throughout North America. Starting his first business at age 12, Allen is a serial entrepreneur. He has launched strategic IT consulting, software, and service companies. An advocate for small and midsize businesses, Allen served on the board of the former Smaller Business Association of New England, local economic development committees, and industry advisory boards.

Backup Your Google Workspace or Microsoft 365 Cloud: Use Cases Beyond Restore

/in

google workspace and office 365 backup

As we discussed in recent blog posts, Google and Microsoft clouds operate under a shared responsibility model for data protection. Google and Microsoft run internal backup systems to protect you should they have hardware or software issues. You, however, are responsible to backup your cloud, including Google Workspace or Microsoft 365. You need to protect your data from user deletions, user overwrites, malware, hackers, and other risks. This all starts with the proper backup solutions for Google Workspace or Microsoft 365.

A good backup solution for Google Workspace or Microsoft 365 does more than restore.

Microsoft 365 and Google Workspace Backup Solutions

These four use cases provide added value when you backup your Google Workspace or Microsoft 365 cloud.

1 Preserve Data From Past Employees

If you want to preserve data from past employees you have a few options:

  • In both clouds, you can continue paying for licensing for past/suspended users
  • In Google Workspace, you can also pay for Archive User Licenses
  • Subscribe to a third party archiving solution
  • Preserve backups for past employees after you remove their Google or Microsoft accounts.

With the ability to restore data to other accounts, you can use the backup as a long-term archive.  Doing so is less costly than maintaining licenses or moving to archive user licensing, and is comparable in cost to third party account archive solutions.

2 Transfer Data to New Owners

Both Microsoft 365 and Google Workspace provide administrative tools to transfer data and ownership between users.  These transfers, however, lack granularity and are generally available at the service level.  For example, you can transfer all documents to one user and emails to another user.

With a good backup solution, you can selectively restore data to any users.  As such, you can transfer specific files, folders, sites data, emails, etc. to different people as needed. An added benefit, you can also transfer data between employees as they change positions and responsibilities.

3 Archive Documents (and other data)

A third party backup solution can preserve and archive documents, as well as email, calendars, contacts, and sites data in support of your document retention policies or regulations.  Granted, both Google Workspace and Microsoft 365 offer several licensing options that include the compliant archive/e-discovery services for your data.

You may not need the rigor and cost of an upgrade or add-on service. With one or more backups per day, your preserve data as it exists at specific points int time.  Options for unlimited retention allow you to recover information, even after malicious deletions.

4 Escape Hatch

As a “best-practice”, backups should not be stored in immutable systems without altering the format.  Doing so protects your backups from cyber attacks by segregating your backup systems from your operating environment while preserving content.  With data preserved and the ability to export, the right backup solution provides an easier and efficient means of exporting data from Google Workspace and Microsoft Office.

Cumulus Global Can Help You With Google Workspace or Microsoft 365 Backup Services

We offer a range of backup/recovery, and business continuity services that we match to your needs and budget.

Schedule time with one of our Cloud Advisors or contact us to discuss which backup solutions for Google Workspace or Microsoft 365 backup solutions are right for you. The conversation is free, without obligation, and at your convenience.

About the Author

Bill Seybolt bio pictureBill is a Senior Cloud Advisor responsible for helping small and midsize organizations with cloud forward solutions that meet their business needs, priorities, and budgets. Bill works with executives, leaders, and team members to understand workflows, identify strategic goals and tactical requirements, and design solutions and implementation phases. Having helped over 200 organizations successfully adopt cloud solutions, his expertise and working style ensure a comfortable experience effective change management. 

 

The Kaseya Attack Effect

/in

Data Protection & SecurityThe Kaseya attack demonstrates how cyber crime is a big, organized business.  How big? You can subscribe to “Ransomware as a Service” and outsource attacks on your intended targets.  How organized? Hacker groups and service providers, such as the REvil Ransomware Group and DarkSide, actively manage their brands and reputations.  The REvil attack on Kaseya shows us that cyber criminals are technically advanced and operationally sophisticated. The nature of the attack, and its scope, should scare you.

By using known vulnerabilities in Kaseya’s VSA Remote Monitoring and Management system, REvil was able to create an automated ransomware distribution network. They used the very systems that Managed Service Providers (MSPs) use to monitor and manage customer servers, computers, and networks.

The Impact

MSPs update their Kaseya VSA servers automatically installed the Ransomware on their customers’ systems, as well as their own. Best estimates are that up to  1,500 small and medium-sized companies are victims. While this number seems small, those 1,500 business face an existential threat. Remember: more than half of businesses victimized by ransomware fail within six months.

Most MSPs shut down their Kaseya VSA services before spreading the ransomware. These firms had no ability to monitor, manage, or remotely support their customers. Customers facing IT issues were met with longer diagnostic and resolution times, resulting in business disruption, lost productivity , and the possibility of data loss.

As a managed cloud service provider, Cumulus Global does not use the Kaseya VSA system.  Our clients were not at risk, via our services, from this attack.

The Lessons

We were on the sidelines for the Kaseya attack. We understand, however, that the way in which may cloud services are managed create connections between vendors, resellers, partners, and customers. While these connections do not generally provide any access to customer data, they do provide access to management functions and information about users.  This information, in turn, could be used to improve the effectiveness of phishing attacks, spoof identities, and gain access to systems.

As a trusted IT advisor and a managed cloud service provider, we are part of a connected supply chain. We take our responsibility to secure our part of that chain seriously. While we follow commercially accepted best practices for security and privacy, the Kaseya attack warns us to step back and re-evaluate our strategy, policies, and procedures.

Our Next Steps

Cumulus Global is conducting an internal review of all of our internal and operational systems, including vendor portals and services we use to order, provision, manage, and support cloud services. As part of this review we are examining our policies and procedures related to:

  • Identity management and protection
  • Access to the systems
  • System level permissions related to function and data
  • Roles and responsibilities with respect to security and privacy
  • Business continuity plans and capabilities

Through this process, we are challenging our assumptions, re-assessing how we operate security and effectively, and raising our expectations for how well we protect ourselves and our customers.

We will also be making recommendations to our clients, and the broader community, on steps they can take to improve their security profile and protections.

Your Next Steps

As a user of cloud services, and technology in general, have responsibilities as well.

We Can Help

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

The State of SMB Cyber Security

/in ,

Data Protection & SecurityGone are the days when cybercrime was exclusively a big business problem. In the modern workplace, all businesses are at risk, regardless of their size or industry. Today, we recognize that implementing a cyber security program, much like hiring people and growing sales, is an essential part of running our companies.

With 43% of cyberattacks targeted at SMBs, it’s not surprising that many have identified cybersecurity as a priority. And while most of us have deployed protections, it is challenging to know if you have the right balance of protection relative to your risk.

Here are 4 key findings from research conducted by Microsoft:

01 Businesses understand that cybercrime is a problem, but understate the severity of the threat and overestimate their preparedness

The vast majority of businesses (85%) cite cybercrime as a concern, and more than half (56%) believe it is a top priority. Businesses are backing up this belief with action. Most have begun to invest both time and dollars into protecting their company from hackers and other malicious actors.

However, when you look a little deeper, it becomes clear that many have underestimated their risk. 74% of businesses don’t believe they are likely to be attacked at all and that corporations are two times as likely to be attacked.

90% of businesses say they have the right protections in place to prevent an attack, and those with more than 50 employees are even more confident. It is encouraging that businesses are investing in security, but the reality is that they are at greater risk than they think. Nearly half (41%) have been attacked

02 Small and medium-sized businesses are just as likely to be attacked as large corporations

For solutions that do cost money, businesses allocate about 15% of IT budgets go to cybersecurity,  and  21% plan to increase how much they spend protecting the company. Businesses recognize that this investment is worth it because three out of four know that it costs more to recover from an attack than it does to prevent one.

03 Employees can be a business’s biggest protection and also their biggest threat

As a small business owner, you face many of the same threats as larger businesses, but also unique challenges.

Given the number of security events tied to employees, businesses run the risk of underestimating the threat of employees leaking data or  sharing sensitive information, whether maliciously or accidentally.

Insider threats take several forms. Employees or partners may find it more convenient to transfer sensitive data using personal email or an unsecure cloud drive, not realizing the risk to your company. In fact, 30% of security events are attributed to careless or uninformed employees. More alarming is the roughly 36% of attacks where a malicious employee steals sensitive data.

04 Businesses have begun taking steps to protect themselves and there is a set of solutions and practices available to them

Most small and midsize businesses don’t have the same scale of resources to combat security threats and implement cyber security solutions as larger entities.

Fortunately, there are right-sized solutions and strategies designed to overcome the unique vulnerabilities of smaller companies. An effective security strategy doesn’t have to be expensive—or time-consuming. With a few simple, no-cost/low-cost steps, you can make a significant  impact on your company’s overall security profile. The key is to match security to your business needs and your budget.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Top 3 Types of IT Security Threats and How to Prevent Them

/in ,

Data Protection & SecuritySecurity Threats: 3 You Know and 1 You Should

Security threats take many forms. Most owners of small and medium-sized businesses (SMBs) are aware of the need to defend against the top three — viruses, ransomware, and phishing attacks — but their organizations are generally not as prepared to deal with the risks related to employees leaking data or sharing sensitive information, whether maliciously or accidentally.

Top 3 Types of IT Security Threats

1. Viruses

According to research conducted by Microsoft, infection by a computer virus is the most commonly cited among security threats facing businesses. Preventing viruses requires an integrated approach to endpoint and identity management.

How to Prevent Viruses:

  • Deploy next-gen antivirus software, with advanced threat protection, installed and updated, on all devices
  • Use web filtering and monitoring services to prevent infection, even from trusted sites
  • Roll out mobile device management to secure work devices (including laptops and desktops), as well as personal devices used for work
  • Enforce the use of multi-factor authentication as part of an integrated identity and access management solution

2. Ransomware IT Security Threats

Ransomware is a type of malware that restricts access, encrypts files, or even stops you from using your systems. Like viruses, ransomware can enter the company through insecure endpoints or unsuspecting users.

While virus protections also protect against ransomware, no protection is perfect. You need to be ready to respond and recover in the event of a successful cyber attack. This includes implementing solutions and services, and ensuring you have the proper protocols in place.

How to Prevent Ransomware Security Threats

  • Backup your data and system images, in the cloud, to ensure your ability to restore and recover
  • Encrypt all data, at rest and in motion
  • Deploy business continuity services to spin-up copies of servers in parallel with remediation
  • Pre-arrange access to forensic, legal, and communications resources to ensure a proper business response
  • Acquire cyber insurance to cover remediation, recovery, and regulatory costs, along with lost revenue
  • Focus on the four pillars of cloud security, and continue to review them on a yearly basis

3. Phishing Attacks

The majority, 67 percent, of cybersecurity professionals surveyed consider phishing attacks to be the greatest security threat facing your business and employees. Take the proper steps today to protect your people, your data, and your business.

How to Prevent Phishing Attacks:

  • Configure advanced threat protection services to identify and block attacks via email using links and/or attachments
  • Monitor inbound and outbound email traffic
  • Provide your team with awareness training to recognize problem emails, and how to respond/act
  • Instruct your team to report suspicious messages, links, and attachments
  • Deploy domain level services to prevent identity-spoofing

1 Additional IT Security Threat You Should Know

!! Internal Leaks & Threats

Insider security threats are often overlooked, and small and midsize businesses are generally unprepared to deal with these IT security threats, accidental or malicious. Surveys indicate that 53% of organizations have experienced insider attacks against their organization.

These risks take several forms. About 37% of internal leaks can be attributed to careless or uninformed employees. In many cases, these employees are using personal, less secure or unsecured services to conduct business.  Whether consumer versions of email or cloud drives for sync and share, these “shadow IT” services pose a significant risk.

While the majority of internal leaks and threats are unintentional, 36% of internal leaks are identified as attacks by a malicious employee.

To prevent data leaks and breaches, you should:

  • Actively manage access and permissions to networks, systems, applications, and data; periodically review permissions for compliance
  • Leverage features within your systems that help you manage and protect confidential and proprietary information
  • Deploy information protection solutions, such as Data Loss Prevention (DLP) and document/message level encryption, to block sensitive data from leaving your control
  • Implement proper cyber insurance and breach response protocols

>> Take Action Against IT Security Threats

All of the suggestions, above, fall within our Security CPR® best-practice model and services for data protection and cyber security: Communicate & Educate; Prevent & Protect; Respond & Recover.

To assess your cyber security status, discuss your risks and needs, and identify solutions that fit your business and your budget, contact us to schedule a complimentary session with one of our Cloud Advisors.

Remote Workforce Security: Tips, Challenges & Lessons Learned

/in ,

As part of its Global Year in Breach – 2021 report, security firm ID Agent found that remote workforce security is more difficult than generally thought. With many of the changes in how we work expected to continue, as business leaders we need to embrace hybrid work as the way of the future.

What Exactly is Remote Work Security?

Remote workforce security is a subset of IT cybersecurity that focuses on protecting corporate data and other assets when employees work outside of a physical office. Implementing strong security protocols and technologies for remote access, educating employees on how to identify security risks and stay safe, and strengthening your overall business data protection and security are some of the best ways to secure your remote workforce.

What to Know When Developing Security Procedures for a Remote Workforce

Pandemic Triggers Panic

2020 and the onset of the global COVID-19 pandemic presented new challenges. The biggest challenge was cybercrime. The mix of understaffed IT departments, maintenance failures, unpreparedness, record-breaking cybercrime, and employee stress taxed IT teams and services. Cybercriminals took advantage of this golden opportunity, and businesses were hit hard.

Businesses needed to rapidly shift to remote operations. For those with older technology, this shift was especially difficult. Everybody became a remote worker. IT teams needed to become instant experts in remote workforce security, including knowing the four pillars of cloud security. For too many businesses, it was a mad scramble to to get their teams remotely or face shutting down entirely. Many employees lacked training in remote work; many IT teams had never managed remote security at scale. A barrage of unintentional, insider threats assaulted IT teams daily.

Stress Creates Vulnerabilities

Why was the massive shift to Work from Home such a boon to cybercrime?

IT departments were unprepared and understaffed.  Only 39% of IT executives polled felt they have adequate IT expertise on staff to assist with remote work issues. Only 45% of organizations reported having and adequate budget to support remote work.

At the same time, employees were dealing with unexpected stress at home and more likely to make cybersecurity mistakes. Over 50% of respondents admitted they were more error-prone while stressed. 40% said they made more mistakes when tired or distracted. Altogether, 43% of workers surveyed acknowledged mistakes resulting in cybersecurity repercussions for themselves or their company while working remotely.

Cybercrime Complications

Chaos and confusion created opportunities for cybercriminals. Experts estimate that overall cybercrime was up by 80% in 2020. Much of that increase was from phishing attacks. Cybercriminals took advantage distracted, stressed workers, with limited IT support, and immense numbers of email. In 2020, phishing attacks skyrocketed by more than 650%. Attacks hit 75% of companies and accounted for almost 80% of all cybercrime.

Successful ransomware also jumped more than 145%. In 2020, 51% of all businesses and 40% of small and midsize businesses experienced a ransomware attack. 50% of attacks on SMBs used vicious double extortion ransomware. Ransomware will continue to top the list of cybercrime trends in 2021.

FAQs About Remote Workforce Security

Next Steps for How to Secure Your Remote Workforce

Stopping ransomware and decreasing your company’s risk of a successful cyberattack against remote and hybrid workers starts with stopping phishing and its destructive effects. We have tools that help your IT team support and protect your people and your business, while also protecting your budget.

To learn more about you cyber risks, and solutions to fit your needs and budget, contact us and schedule a complimentary Cloud Advisor Session.

 

Business Email Compromise: 10 Stats; 5 Solutions

/in ,

Business Email Compromise (BEC) is a type of phishing-related fraud with far-reaching consequences. Not only can BEC attacks hurt your business, companies you work with can be damaged as well. BEC threats are hard to detect and mitigate, given the a byzantine structure of the attack.

Here are 10 statistics that demonstrate the increasing risk of BEC attacks, along with 5 solutions that reduce the chance of your business becoming a victim.

10 BEC Statistics

1Business email compromise rose by 14% overall in 2020 and up to 80% in some sectors
265% of organizations faced BEC attacks in 2020

3In 2020, BEC costs increased rapidly, from $54,000 in Q1 2020 to $80,183 in Q2.
4The energy and infrastructure sector topped the 2020 list with 93% of attacks
560% of the information on the dark web could potentially damage businesses

6In 2020, 80% of firms experienced an increase in cyberattacks

762% of BEC scams involve the cybercriminal asking for gift or money cards.
8The most common type of BEC scam is invoice or payment fraud
9Payment/invoice/billing scams skyrocketed by 155%, in 2020

10The average amount requested in wire transfer-based BEC attacks nearly doubled to $75,000 in the fourth quarter.

Protecting Against BEC Attacks

The most effective way to prevent business email compromise attacks is a strong, multifaceted defense against the primary delivery system: phishing email.  Here are 5 solutions that help you mitigate threats and the risk of successful cyber attacks.

1 Phishing Resistance Training

An absolute must-have for any organization in today’s tumultuous world is a strong cybersecurity culture. Too many employees are still clicking on dangerous messages. Strengthen your security culture and reduce your risk of suffering email-based cyberattacks by up to 70%.

2 Advanced Threat Protection

Go beyond attack profiles and blacklist lookups. Take advantage of next-gen protections that assess content and context, leverage machine learning, and analyze the behavior of links and attachments.

3 DNS / Web Protection

Secure your DNS traffic to help prevent cyber attacks that spoof or use your identity.  Block known, dangerous web sites. Block malicious web content and downloads, even from trusted sites that have been hacked.

4 Identity Access Management

Secure your user identities over time with a comprehensive approach. Include multi-factor authentication, password vaults, and single-sign on for your best protection.

5 Dark Web Monitoring

Your team probably uses their work email address (identity) to log into third party services. Breaches in these services put your business at risk. Monitor you domain for potential breaches so you can take action before you become a victim.

To learn more about these Business Email Compromise, other cyber threats, and solutions to fit your needs and budget, contact us and schedule a complimentary Cloud Advisor Session.

 

4 More Protections for Your Business

/in

Data protection iconIn our last blog post, we identified 3 must-have protections for any business using Google Workspace or Microsoft 365.

  • Backup/Recovery
  • Advanced Threat Protection
  • Multi-Factor Authentication

In combination, these protections help prevent successful attacks and give you the ability to recover should an attack be successful.

Here are 4 more protections for your business

Putting these protections in place improves your ability to prevent attacks, and your ability to survive.

1 Next-Gen Endpoint Protection

Basic anti-virus protection is not enough. Scanning files for known or similar patterns will not protect you from modern malware or ransomware.

Next-Gen Endpoint Protection solutions use advanced heuristics, behavior analysis, and machine learning to assess threats in real-time.  These solutions identify attacks, prevent them from running, and roll-back damaging activity.

2 DNS and Web Protection

Cyber attacks are not all breaches. Attackers can use DNS to block your use of the Internet or to impersonate you and your business. Both types of attacks hurt your business and your reputation.

Between 15% and 20% of malware is downloaded without your knowledge from websites. This malware is often hidden in third party content on websites your trust.

DNS protection creates a protective barrier that prevents others using your DNS service against you. Web Protection blocks dangerous web sites and prevents malware downloads to your devices.

3 Employee Communication and Education

Ignorance is not bliss. Employees who know are less likely to make a mistake and trigger an attack or breach. You want your team to understand:

  • The danger of cyber attacks and how to avoid them
  • The likely damage form cyber attacks
  • What to look for
  • What not to do

Employee communication and education is key to creating an aware and resilient team. Combined with testing and guidance, a communication and education program reinforces positive behaviors with on-going guidance and support.

4 Business Continuity for On-Premise Systems

Most small and midsize businesses still have some on-premise systems. The connectivity and integration across systems creates an increased risk for damage and loss. Even with backup/recovery in place, restoring systems, databases, applications, and data can take days. You want, and need, to be back in business quickly — in minutes or hours.

Business Continuity/Disaster Recovery (BCDR) solutions enable you to resume operations within minutes using images of your systems running in cloud data centers. With BCDR in place, your business runs smoothly while you recover your on-premise systems.

Failing to protect your data and systems is a failure to protect your business.  Contact us for a free assessment of your data and business protection needs.

3 Must-Have Protections for Microsoft 365 and Google Workspace

/in

Data protection iconMicrosoft 365 and Google Workspace protect your data using a shared responsibility model.  They provide redundancy and backup to ensure your service is performing, available, reliable, and secure.  You are responsible for controlling access, managing permission, and protecting your data from loss.

Here  are 3 Must-Have Protections for your Microsoft or Google Cloud Services

 

1Backup Protection for your Data

Data in the cloud is just like data stored on local servers and workstations. Information in in Microsoft 365 or Google Workspace can be lost due to accidents or malicious acts.

  • User action — overwrites and deletes — can destroy content and files, whether accidental or deliberate.
  • Malware and ransomware corrupt files that sync to OneDrive, SharePoint, and Google Drive, can damage or delete your files.
  • Integrated third party apps can damage or delete information.

You need, and want, the ability to restore files, emails, contacts, and other information. A secure backup/recovery solution protects your data, and your business.

2Advanced Threat Protection

Cyber attacks come in many forms. The most common and most effective attacks still use email. Cyber criminals use behavior science and advanced phishing techniques to access your systems, collect personal information, steal data, and ransom your business.

Advanced Threat Protection (“ATP”) is more than “spam and virus protection.” ATP uses machine learning, advanced analytics and heuristics, and behavior analysis to identify and prevent cyber attacks from reaching your inbox. Methods like sandboxing safely test links and attachments before delivery.

Even an educated and aware team can and will fall prey to attacks. Prevention is key.

3  Multi-Factor Authentication

Your team members are human. While they may understand and respect the need for robust and unique passwords, human nature always tries to balance convenience.  Studies show that 70% of us will use the same, or substantially similar, passwords across systems. A hack or breach in a third-party tool poses a significant risk to your employees’ work identities.

A compromised identity does not enable access when you have additional authentication steps. Authenticator apps, dynamic security codes, and security tags/fobs each add physical verification to your digital access.

With cyber attacks on the rise, better protection is worth the minor inconvenience of multi factor authentication. Multi factor authentication delivers one of the best protections against breaches and unauthorized access.

Failing to protect your data in Google Workspace or Microsoft 365 is a failure to protect your business.  Contact us for a free assessment of your data and business protection needs.

Webcasts

Email Security and Reliability

/in

(8/17/2021) – A deep dive look at email security and reliability, with a focus on how DMARC prevents business email compromises, spoofing, and phishing attacks. In addition to protecting you from inbound attacks, DMARC protects your domain’s reputation and helps ensure reliable email deliverability.

Read more

Email Security and Compliance

/in

(7/20/2021) – An updated look at email security and compliance. Summarizing risks and trends, we dive into a tiered approach to ensuring your business, data, employees, and reputation are protected.  We also discuss emerging compliance requirements and steps you can take to ensure you operate within regulatory, industry, and policy expectations.

Read more

Small Business Guide to Cyber Threats, Security, and Response

/in

(6/15/2021) – A practical guide to cyber threats and security. We will share data that quantifies the most prevalent types of risks and will outline practical, reasonable, and affordable steps you can take to both protect your business and, should an attack succeed, respond and recover.

Read more

library

State of Security for Small and Midsize Businesses

/in

eBook | Source: Microsoft —
This eBook identifies key findings in studies and surveys covering security for small and midsize businesses, and provides set of recommendations to ensure …

Read more

Protect Your Business – Top 3 Security Threats

/in

eBook | Source: Microsoft —
This eBook explores how you can safeguard your business against the top three security threats, plus the one threat your business is probably overlooking.

Read more

Crash Course in Office 365

/in

eBook | Source: Microsoft —
You already know the productivity power of Office applications like Word, PowerPoint, and Excel. Full adoption empowers you to access your …

Read more

Global Year in Breach – 2021

/in ,

eBook | Source: ID Agent —
2020 saw a cybercrime boom that included record-breaking phishing and ransomware threats. This report provides insights into the rapidly changing cybersecurity landscape; forecasts cybersecurity trends for 2021; and provides helpful advice about smart risk mitigations that fit every business and every budget.

Read more

Google Workspace Security

/in ,

eBook | Source: Google —
Google started in the cloud and runs on the cloud, so it’s no surprise that we fully understand the security implications of powering your business in the cloud.

Read more

Make it Work: The Future of Collaboration and Productivity

/in

eBook | Source: Google —
The future of work is here – it’s just not evenly distributed. This report identifies three changes businesses  can make to work in the future

Read more

Unblocking Workplace Collaboration

/in

eBook | Source: Microsoft —
Poor workplace collaboration is 1 of 5 top reasons people quit their jobs. Break down collaboration blockers so that teams …

Read more

Google Workspace Migration Guide

/in

eBook | Source: Google — What are your goals, and what makes one technology solution the best fit? Here are some insights that can help facilitate a smooth transition to new workplace productivity tools at all stages — with specifics on Google Workspace — from decision to preparation to deployment to upkeep.

Read more

Six Types of Remote Workers and How to Support Them

/in

eBook | Source: Microsoft —
Great teams build great companies. Understand the six types of remote workers who impact your team, evaluate their technical needs, assess their …

Read more

The Ultimate Meeting Guide

/in

eBook | Source: Microsoft —
Many businesses experience a sizable gap between the increasing number of meetings and the value derived from the time spent in these meetings. What can you do? The simple answer for better meetings is to …

Read more