Managed Services Can Provide a Lot of Value
How does your business manage its technology solutions? If you’re like most small businesses, you likely have limited technology maintenance, and not necessarily due to any fault on your part. Small businesses have limited budgets and resources available to them, making technology maintenance less accessible. Thankfully, managed services are here to make sure that you never settle for less than what your organization needs.
In terms of managed services for technology maintenance and management, you might be surprised by how diverse and wide the breadth of services offered actually is. There are IT services for just about any resource that your business would want to take advantage of. We’ll walk you through some of the best and most valuable that any organization can leverage.
Servers require intensive care, as does the rest of your business’ computing infrastructure. If you’re not a trained technology expert, you probably shouldn’t be handling servers, as the slightest issue could set off a chain reaction that leads to unprecedented downtime and data access issues. Unfortunately, hiring individual trained IT professionals can be expensive, and you could be limited by your geographical region as well. Managed server hosting can eliminate the need to host servers on your infrastructure. A managed service provider can host them off-site in a secure location where all of your data can be accessed remotely and maintained by on-site staff.
Network security is one of those tricky parts of managing a business that requires a lot of industry-specific knowledge. Because of this, network security is something that a lot of businesses fall short on, as they either don’t have professional staff on-hand who know how to secure specific kinds of data, or they simply don’t perceive themselves as vulnerable. This is very far from the truth. If you don’t take steps toward keeping your business secure now, you could regret it in the future. This is why we urge you to consider implementing security best practices now, while you still can. Outsourcing this responsibility to a managed service provider is an excellent way to make sure that patches and other security augments are managed and maintained properly.
Help Desk Management
Even if you have an in-house team, they likely don’t have time to get to every little bit of technology maintenance and management, let alone help all of your organization’s employees work with their own devices. In cases like this, it’s helpful to have an outsourced organization that you can rely on to pick up the pieces that your in-house team can’t get to. This includes helping others within your business with any issues that they might be having with their devices. Think about how much time your employees could save if they had a single number to call for anything related to their technology troubles.
Overall, the biggest value point that you can get from managed services is the cost vs. value. You actually wind up saving money in the long run by working with a managed service provider, as the value received from working with an outsourced provider ultimately winds up paying for itself compared to investing in adding new salaries to your budget. VentureNet can help your business with just about any managed services you’ll need. To learn more, reach out to us at 214-343-3550.
Seamless Access and Its Role in Your Business’ Productivity
Productivity is crucial to every workplace. If your employees are not properly leveraging their opportunities to be productive, then they are ultimately costing your business a considerable amount. Thanks to technology solutions, you can help your employees stay productive in numerous ways–chief among them being access to crucial data and applications.
The first technology that might make you think of productivity is access to the cloud. Thanks to the cloud, many businesses are taking advantage of services that might not otherwise be accessible without using a desktop or similar device. We’ll walk you through some of the ways that your business can take advantage of the cloud and other access technology to improve productivity.
Cloud-Based Productivity Suites
Most businesses need access to certain applications in order to be productive, often including a word processor, slideshow creator, and spreadsheet software. If you store them on your internal network, it might be difficult to access them if you haven’t already taken measures to enable such access. One of the ways you can do this is by storing any critical applications and data in a cloud-based environment. Any allowed devices will be able to access data in the cloud, as well as open any applications that are stored on your infrastructure–all by simply accessing them through a web-based dashboard. This allows employees to work hard, even when they aren’t in the office, as well as being able to do so on devices which they are most familiar with. This allows them to get even more done in the same amount of time.
Seamless Access Has Its Toll
While it’s especially important that your business employees have anytime-anywhere access to assets, the question of security will always remain an issue for your business. With more devices than ever before accessing your business’ data, it’s critical that you take measures to secure it. One of the best ways to do so is by implementing a virtual private network for remote data transmission. A VPN provides your employees with a great way to access data in a secure fashion. Essentially, any information sent to or received by your mobile devices through a VPN has to travel through an encrypted tunnel, where it must be decrypted before being viewed. This means that even if it’s intercepted along the way, it’s unlikely that any unauthorized eyes will be able to tell what the data is. We recommend that any organization using mobile devices for more productivity implement a VPN.
Does your organization want more seamless access to its data? VentureNet can help. To learn more, reach out to us at 214-343-3550.
4 Ways Cloud Computing Can Help Your Business
The cloud has brought with it a plethora of benefits for small businesses, so many that organizations often are under the impression that the cloud can solve even the biggest issues. While we can’t speak for each and every business out there, we can say with confidence that regardless of your organization’s size, it can benefit in some way, shape, or form from a little bit of cloud implementation.
We’ll discuss some of the most common ways that businesses take advantage of cloud computing.
File sharing is one of the biggest reasons why a small business might choose to make the jump to the cloud. It enables cooperation through a centralized environment dedicated to file sharing, and it allows businesses to access important information without being on-site or in the office. This extra flexibility can be a major benefit for businesses that have a limited time to get work done, and since it connects users to the tools and information they need to keep busy no matter their location, productivity can skyrocket.
Other businesses are also taking full advantage of the cloud to create powerful cloud-hosted communication infrastructures. A business can save a lot of money by investing in a cloud-based Voice over Internet Protocol (VoIP) system, or a cloud-based email solution. By working with the cloud to create your ideal communications infrastructure, your organization can put together a feature-rich solution that is both more flexible and functional overall. For example, a VoIP solution can have a lot more features than your standard landline. A business can implement a customized VoIP solution with all the necessary features of a traditional phone system, plus some. You can fully leverage messaging, conferencing, and other types of enterprise-level phone services at a much more affordable and less wasteful cost.
Hosted email allows for a lot of benefits that you simply wouldn’t be able to achieve if you hosted your own email server in-house. You can completely cut out the unnecessary costs of hosting and maintaining your own email server, while also improving security and functionality through message encryption and instant messaging integration.
Cloud providers all over the world offer services to their users that include countless gigabytes of cloud storage. Since this is so affordable, not just individuals, but businesses as well, try to take full advantage of cloud storage services. The issue that many businesses face in this regard is the idea of their data being hosted in a public cloud storage system that doesn’t give them as much control over their data as they would like. This is why so many organizations prefer to host their own private clouds on-site, or in a collocated data center where control isn’t an issue.
Cloud storage is great for businesses because the data can be accessed anywhere at any time, giving the business a considerable amount of mobility and flexibility that adds up in the long run. The apparent lack of security is generally in regard to how employees access cloud-based data, not the cloud environment itself, as it’s likely that the cloud is encrypted and secured. Some organizations already turn to the cloud for their data backup and disaster recovery strategies.
Security is critical for any IT administrator, which makes it a natural choice for a cloud solution. Since there are so many threats out there that need to be addressed, it only makes sense that cybersecurity firms start to offer these services through a cloud-based environment. Thanks to Security as a Service solutions, you can remote into machines to set up any security services that meet your organization’s needs. In particular, this is good for organizations that rely on the Internet to go about their daily duties, as well as constantly updating and maintaining the hardware and software solutions with the most recent threat definitions. You can leverage solutions like content filtering, spam blocking, and much more through a good cloud security investment.
How can your business leverage the cloud? Find out by calling VentureNet at 214-343-3550.
Hackers Target Municipalities and Why That’s a Problem for Your Business
On March 22, 2018, a remote-triggered ransomware called “SamSam” demanded a one-time payment of $51,000 be made to restore the city of Atlanta, Georgia’s, data. Despite an operating budget somewhere in the neighborhood of $625 million, Atlanta’s municipal leaders refused to pay the fine. The “hostage situation” has cost the city over $2 million already with an expected $9.5 million more likely to be spent restoring and re-enforcing the municipality’s network and infrastructure. This doesn’t take into account downtime and the significant amount of data lost in the hack. Whether or not you think it’s a good idea to not pay the ransom, if a whole city – especially one as large as Atlanta – can effectively be crippled by a single hack, you better believe that your business has to get serious about its cybersecurity efforts.
The situation in Atlanta, where months later they are still foraging through the rubble, is a cautionary tale for everyone; and by in large, you are seeing that everyone is taking this threat seriously. With WannaCry, Not Petya, Locky, and Crysis all hitting the business community in 2017, it has become evident to a lot of business owners that they only thing standing between a fate where they are paying some dissident group for their own data, and one where they are insulated from this hell is their ability to act on the cyber security strategies they’ve created for their business. Today, we will go into why these attacks keep happening and provide you with some of the best practices organizations like yours are going to have to implement (and stay on top of) if you don’t want to be just another victim of hackers looking to make a quick buck.
Reasons for Ransomware
The obvious one is greed. Hacking groups that have the knowledgeable personnel want to extort money from people who can (and will) pay it. There have been extensive studies done in the effort for law enforcement and security professionals to understand just what makes cybercriminals tick. Most black hat hackers don’t start hacking to cause chaos, they started doing it because they were curious and when it becomes obvious that companies and organizations have major security holes in their networks, instead of stopping, they crack the network open and see what they can find. Some even start benevolently sharing the information with companies, but contempt for prideful IT administrators who wouldn’t admit to vulnerability for fear of looking bad at their jobs, can get the curious hacker to retaliate. Once the money starts flowing in, the individual can justify their decisions.
People do worse for money, right?
But why ransomware? Well there are a few factors that have evolved malware into ransomware. Firstly, the relevance and general unregulated cryptocurrency market. Since there is no real oversight in cryptocurrency, and Bitcoin holders have total anonymity it makes it ideal for hackers to demand. Secondly, abundance of code. Ransomware-as-a-Service offerings on the dark web allow malevolent parties to gain access to code that only a short time ago, required professional coders to write. Thirdly, modern day operating systems don’t have the runtime detection capabilities that could stop ransomware execution. Lastly, and probably most importantly, is that users have not been properly trained on how to protect themselves when opening attachments.
Security has been getting better, but with hackers facing uncrackable encryption rolled out by IT administrators and cybersecurity professionals, they have become increasingly skilled at deploying social engineering tactics and phishing techniques. Today, it can be difficult for the average computer user to ascertain that they are looking at a phishing email with a spoofed email address, giving hackers new avenues to infiltrate or get their malicious code onto networks.
What Can You Do?
There are several strategies you can take to keep your network free from ransomware. They include:
- Back up your data: In keeping regular backups of your system and changes in data offsite, you are essentially protected against any type of ransomware situations. Sure, you may deal with a bit of downtime, but talk to your IT professional about your recovery options to ensure that if something terrible happens, your business won’t lose any critical data.
- Educating employees: Ransomware is often deployed the same way a lot of malware is, through email attachments, downloads, and through the web. Training your staff on how to decipher risky situations, and what to do when they encounter them, can go a long way toward keeping ransomware, and other malware, off of your business’ network.
- Restricting access and code execution: Sometimes ransomware is written to execute from data folders, so having a full access control system in place can add a line of defense to your security system.
- Maintaining and patching software regularly: Keeping your anti-malware and security software up to date can go a long way toward keeping malware like ransomware off of your network.
There are a lot of other practices at a network level and with your email solution that you can utilize to keep unwanted entities out of your network. The IT professionals at VentureNet are experts at keeping network and infrastructure up and running, reducing downtime, and providing a dynamic, secure, and reliable computing environment conducive to high-levels of productivity.
Ransomware may be a huge threat to the health of your business, but with the right solutions and practices, you won’t end up like the city of Atlanta. Call us today at 214-343-3550 to learn more about our comprehensive cybersecurity services.
Highly Regulated Industries Come with Their Own Demands
Regulations are put on certain data constructs for a reason: the data within is sensitive. Today, there are seemingly more regulations than ever, and as the GDPR kicks in for organizations that deal with EU-based organizations, we thought it would be a good time to talk about how to navigate these highly-regulated environments to ensure success and security.
While there are movements of industry professionals lobbying for improvements to some personal data protection laws, not much has been done about it by legislators in the U.S. The regulations that are on the books work to protect certain types of personal information, but there isn’t that overreaching article that states there will be consequences for losing someone else’s personal information. Within certain environments however, it is extremely important to know how to navigate as not to mistakenly expose information that has no business being shared.
In Healthcare We’ll start with healthcare, as it is the most prevalent. Healthcare data is protected, and that protection is regulated, and all for good reason. This information is the most personal information a person can reveal and has no business being in possession of anyone but the provider, the insurer, and the patient. The most well-known regulation for healthcare in the United States is called the Health Insurance Portability and Accountability Act (HIPAA). It was constructed to keep personal healthcare data secure as new systems of transfer and new insurance practices were being implemented.
Healthcare information isn’t all handled the same. There are a multitude of organizations that oversee different parts of the healthcare process. The Center for Medicare/Medicaid services focuses on patient care, while the Occupational Safety and Health Administration (OSHA) focuses on the safety of workers. This is just the tip of the proverbial iceberg. With so many regulatory agencies thumbing around it can be difficult to ascertain which practices are the best practices, and which strategies work to keep every party involved insulated from having their sensitive information compromised.
For the healthcare providers it can be pretty harrowing, since they are for-profit businesses and need to keep certain information on the ready to facilitate solid operational integrity, as well as to ensure that rising costs aren’t sinking their practice. So many providers are constantly revisiting the best ways to stay compliant, while transforming their policies around the existing standards of data protection. This creates a lot of headaches and toiling over policy. One of the best ways to navigate this arena is to set defined practices that work to mitigate redundancy.
To Backup Your Business’ Data, You Can’t Rely on Tape
These days, it’s unheard of to run a business without some form of data backup and disaster recovery in place, no matter how basic or crude. In a worst-case scenario, you could lose so much more than just your business’ data. All of the future ramifications of such an event compound and can snowball into a situation that makes it borderline impossible for your organization to recover. Therefore, the best way to approach this situation is to make sure that it doesn’t happen in the first place.
For a long time, the most prominent data backup solution took advantage of magnetic tape to store data. The cassette would then be stored either off-site or on site to be used in the event of a disaster. These tape backups are also subject to user error, so unfortunately, they cannot be as reliable as a solution that is automated. As such, tape backup pales in comparison to the gold standard of data backup and disaster recovery, BDR, which takes advantage of the cloud.
When it comes to tape backup, the lack of automation really hurts its chances of being a viable solution. An employee would have to set a tape backup so that it could be successful, and without doing so, no backup is taken. Since there is no room for user error, tape backup is naturally an inferior option compared to the automated systems you get from a network-attached BDR. If someone fails to set the tape backup, an entire day’s worth of data could be put in jeopardy.
Tape backup is also far from the ideal solution because it is limited in its ability to really help your business. Since tape backup is too resource-intensive to happen more than once a day, it has to be done after-hours when there is less strain on the network. This means that more data could potentially be lost. Furthermore, physical tape backups can be destroyed by fires and floods or corrupted by hacking attacks. They can be destroyed just as easily as the rest of your organization, and as such, must be stored off-site for maximum recovery potential.
Just about all of the issues that you might have with tape backup are resolved by working with a BDR solution. BDR technology allows your organization to keep downtime and data loss to a minimum. BDR can take backups as often as every fifteen minutes, making it the ideal solution to an organization that can’t risk losing anything (hint: that’s yours). Since data is stored off-site in a safe location, you don’t need to worry about external sources messing with your odds of survival.
Is the Internet of Things Growing Too Fast for Everyone’s Good?
The Internet of Things is no longer a pipe dream that could become a major influencer in the technology market. It is now a reality, and as such, you need to take measures to ensure that it doesn’t become a major issue for your business. How big is the Internet of Things, truly, and how does this influence your business? Is there even any hope that you can protect yourself from it? Read on to find out.
In fact, it wasn’t so long ago that the Internet of Things became a notoriously dangerous entity, and it’s all thanks to a little something called a Distributed Denial of Service (DDoS) attack. A DDoS attack is an attack that uses many hacked devices to target a system. In this case, the devices were infected with a malware variant known as Mirai. Together, the devices created a massive botnet that was used to attack Dyn, one of the largest domain name providers out there. But the real victims of this attack were much more widespread than just Dyn–any services that relied on its services, including Amazon and Twitter, were also influenced by the attack.
This fear of a major mobile device botnet is what fuels the debate about the future of the Internet of Things and brings into question whether or not its rapid growth is something to be concerned about. When millions of devices can be connected to create a malicious network and orchestrate a massive attack that downs even the sturdiest of networks, you know that you’re dealing with a formidable force. The Mirai botnet specifically targeted devices that haven’t changed their default passwords and considering how few users actually change them in the first place, it seems that this tactic was quite successful.
If you take a moment to consider this, it seems likely that the more devices are out there, the more contentious security becomes – not just for the business environment, but on a personal level as well. Most of the devices used in this way aren’t devices that you would typically think of as having connected features. Some examples are automobiles, kitchen appliances, and even home controlling devices such as lights or thermostats. Naturally, the more devices you have in any given area, the more likely it is that there will be security issues in regard to them, so how can your organization ensure that it’s not going to be taken advantage of by a rogue botnet?
It’s incredibly important that your business prepare for any instances of potential malicious activity both on and around your mobile devices, including any connected devices on your network. If possible, change any default passwords found on your devices, and protect your devices with a mobile device management solution. All of this should be in preparation of a worst-case scenario–a device being controlled remotely by an external threat.
CRM or ERP: Which Is Right for You?
At first glance, a customer relationship management (CRM) solution and an enterprise resource planning (ERP) solution might seem quite similar. They are both ways to help you get the most out of what you have using technology solutions, but they have specific uses in a business environment.
Customer Relationship Management (CRM) Simply put, a CRM is designed to provide businesses with a way to seamlessly communicate with and manage both current and prospective clients. CRM solutions are often used to automate certain operations and generally make the sales process much easier and more efficient. Here are some of the major ways a CRM can help a business:
Better customer communicationsOrganization for your sales teamsRevenue creationAbility to target potential customersCustomer loyalty and satisfaction
Ultimately, a CRM is designed to keep your business’ customers engaged with your brand or product. This helps to retain and improve sales figures, all while helping you build and maintain relationships with clients. It’s the ideal way to manage operations, onboard new clients, and push them through your sales process.
Enterprise Resource Planning (ERP) In direct contrast to the customer-side of the business model, the enterprise resource planning solution looks internally to better manage operations and internal data. It’s a one-stop resource for sharing data—-all of which represents the different parts of your business. Typically used in manufacturing, the ERP presents quite a few options to manage the supply chain as well as internal business operations. The ERP can provide the following benefits to a business:
Provide resources to employees for the purposes of planning and collaboratingStreamline internal processes with seamless access to important data and resourcesImprove collaboration and visibility of important internal functions
In short, an ERP can be thought of as the central nervous system of your business. It provides near-constant access to information and resources that are required for streamlining internal operations, making it crucial for the success of any organization.
You May Have a Backup, But Could it Be Better?
Data backup is important for businesses that want to keep their data safe in the event of a disaster scenario, but each organization’s specific needs will vary. One thing is important to keep in mind, though, and it’s that your business can’t afford to not have data backup. In other words, you need to be prepared for any situation so that you aren’t left wondering if you’re ready to deal with a disaster scenario.
Here are four major topics to consider the next time you’re thinking about whether or not your data backup practices are up to snuff.
Which Data Are You Backing Up?
How much of your data are you realistically backing up? The answer we are looking for is “as much as possible.” Granted, if you have legal obligations to back up specific information, those obviously have to be prioritized. The last thing you want is to suffer from compliance-based fines on your organization for not properly handling sensitive information.
Are You Protecting Your Data Backups?
The last thing you want to do is store your data backups in an unsecured location, particularly if that location is on-site. If a hacker attacks the network or you experience a crippling data loss disaster due to a natural occurrence, such as a fire or a power surge, any unprotected backups on your infrastructure will be destroyed as well. It’s true that having a backup stored on your network is helpful, but it’s equally important that you protect it and have an extra stored off-site for later access.
Where Are Your Backups Stored?
It might be convenient to have an on-site data backup, but it’s equally important to have multiple copies of it backed up. To this end, we recommend implementing the 3-2-1 rule. You keep three backups of your data altogether–one on-site for easy access, and two either off-site or in the cloud for easy restoration in the event of an incident.
Have You Tested the Reliability of the System?
If your backup systems don’t work, then why are you using them? You’ll never know until you try to restore your data, in which case it will be too late. To avoid this situation, you should frequently be testing your backups to ensure they work. Otherwise, you could be staring a disaster in the face and not have a solution immediately on-hand to remedy it.
VentureNet can help your business implement a Backup and Disaster Recovery (BDR) solution that takes frequent backups and stores them securely in an off-site data center for later recovery. To get started, reach out to us at 214-343-3550.
Mobile Cybercrime Puts Your Business at Risk
The opening ceremonies of the Olympic games are always a spectacle, and the people of Pyeongchang County in the Republic of Korea didn’t disappoint. While the world watched, behind the scenes there was a cyberattack going on. The attack, carried out by Russian hackers, seemingly retaliating for a nationwide ban placed on their athletes at the games, paralyzed LAN and Wi-Fi communications, prevented tickets from being printed from the Olympics website, and took until 8 a.m. the following day to restore.
We reference the Olympics because for the past three Olympic games, the Pyeongchang games, The 2016 Summer Olympics in Rio De Janeiro, Brazil, and the 2014 Winter Olympics in Sochi, Russia have all been marred somewhat by cybersecurity issues. If an event that is planned for years in advance–and has the cybersecurity budget the Olympics has–what does that mean for you and your smartphone? This month, we will take a long look at mobile cybercrime, its increased relevance, and what you need to know to combat hackers that target mobile.
Mobile Is Just the Next Step
When you consider just how much people depend on Internet-connected computing, and how many applications are developed that require Internet access, it can’t really be a surprise that Internet-related crime increases at similar rates. The problem is that the rate is substantially higher than many people were ready for; and it is causing a lot of problems for computer users all over the world.
When we talk about mobile cybercrime, however, we are mostly talking about the act of using mobile devices as a revolving door through which hackers access secure networks, steal data, and personally identifiable information by the terabyte. In a study conducted by Nokia in 2016, over 1.3 of every 100 phones has some form of malware on it, a whopping increase of 400 percent over 2015. The percentage is growing, and fast. Now four-in-every-five malware infections happens on a smartphone.
Mobile constructs are being infected, and hacked, and data is being stolen, repurposed, and sold. There are several ways that people are able to accomplish this. They include:
Mobile apps have transformed the way that computing constructs work. They are so effective that the largest software company in the world, Microsoft, altered the way they go about application development when developing Windows 8. Using the format used by mobile platforms developed by Apple and Google, the “app” allows developers to utilize the touchscreen to create a more “hands on” approach than the traditional mouse and keyboard approach used by desktop applications.
All apps aren’t created equal, however, and some are developed with vulnerabilities, or worse yet, developed to appear to be a useful app and are just malware or spyware. Today, the term for these types of apps is “riskware”. When you download an app (or install it as an .apk), almost immediately there is a screen that pops up where you get to choose which permissions the app can have on your phone. The best way to avoid this kind of data seepage is to:
- Ensure the app you are installing on your device is the real McCoy.
- Only allow the app to have the permissions it needs to be effective.
By keeping apps from having full run of your device, all you are doing is mitigating potential problems.
Network Spoofing and Unsecured Connections
With so much content available to the mobile user, and carrier-enforced data caps still prevalent, many people will want to access any Wi-Fi they can to save their data. While this is great if you are at home or places you trust, connecting to just any wireless network could get you in a lot of trouble. When you consider that some networks are effectively traps, where the minute you connect your mobile device to it, the people that are presenting the subterfuge of a secured network just scour and strip the personal data off of your phone; and, if you use your phone for work, you likely have, at the very least, put your employer’s network, and all the data on it in peril.
Mobile Phishing & Spyware
Mobile devices are most useful when they are powered-on; and, most mobile users have a tendency to check their email routinely, some compulsively. That means they are typically more susceptible to seemingly legitimate emails that end up being completely illegitimate, putting them, and the data they have access to, in harm’s way. Ensuring that any links, attachments, or other media is from legitimate senders is crucial to keep malware off of your phone, and the networks it connects to.
Additionally, spyware is a major concern for mobile security professionals. Some spyware is legitimate, used mostly to monitor the mobile use of another user. Some organizations take liberties they shouldn’t and install spyware through a mobile management policy that not only is a major breach of privacy, but could have disastrous ramifications if that data were to fall into the wrong hands.
Poorly Developed Software
Some apps aren’t exactly reliable. This happens when developers use weak encryption algorithms, strong encryption that isn’t properly implemented, or improperly implement authentication tokens on their software. As a result, some apps are just vulnerabilities masquerading as useful applications. By using software that is well regarded and from reputable developers, your chances of falling victim to issues decreases exponentially.
The Cost of Mobile Cybercrime
We’ve looked at the problems all mobile users have to be cognizant of, but if you don’t deal with it directly, it may be hard to know just what the cost of it is. There are a few indicators that can tell you just how big of an issue this has become. There have been a litany of highly sophisticated and extraordinarily complex strains of malware (mostly ransomware) and numerous extremely high-profile data breaches over the past few years. Traditionally, cybercrime was an IT issue, but with the level of devastation that cybercriminals can bring to your organization, it is now very much a C-level problem.
According to a study funded by Accenture and carried out by the Ponemon Institute titled, 2017 Cost of Cyber Crime Study: Insights on the security investments that make a difference, the financial consequences of being the victim of a cyber attack isn’t just more likely, it’s worsening. The global average of cybercrime for the 254 businesses that took part in the study sat at a staggering $7.2 million in 2013; but, in 2017 it had grown to a whopping $11.7 million, a shift of 62 percent over five years.
What’s interesting about the study is that it found that smaller organizations actually saw larger percentages of loss, per seat, on major cybercrime issues like malware, web-attack, phishing and other social engineering, and botnets. Larger companies had more problems with Denial of services attacks, sabotage, and theft. Currently information theft remains the most expensive consequence of a cyber crime, with downtime and revenue loss also being major results.
Ransomware, which made up for nearly 10 percent of all cybercrime-related monetary loss for the reported companies, was equally devastating to each type of organization. With ransomware attacks doubling in 2017, many experts are trying to extrapolate the role it will have going forward, and it isn’t pretty. Most of the cybercrime that happens over mobile is as a result of phishing/social engineering, so it’s impossible to take anything away from the Accenture report that doesn’t suggest that whatever cybercrime your organization has to deal with, and it likely will have to deal with some, it can get extraordinarily costly fast.
What Can You Do?
Since this is a major problem for organizations, governments, and companies of all types, there are strategies emerging that can help your organization curb your exposure to these types of attacks. They include:
- Set Mobile Policy – You have policies in place for all types of things in the workplace, but you may not have had to consider putting regulations on smartphone use inside your office. With many organizations not investing money in providing mobile devices to their employees, there has been an uptick in development and use of the so-called Bring Your Own Device (BYOD) policy. In essence, it is a policy put in place that allows people to use their personal device on the work network, and use the work apps, but gives administrators the authority, through a mobile device management system, to control aspects of the phone in the case that company information could be made available. By setting a dedicated and well-considered mobile strategy, it can go a long way toward protecting your network from threats that would be carried in by careless mobile users.
- Training – When you don’t know about the risks you are taking, you can’t expect to know how to react if those risks were acted upon. You especially won’t be proactive about handling a potentially detrimental situation. That’s why it is important to train everyone in your organization on the best practices of using mobile for work purposes. Talk about social engineering, phishing, and other sneaky ways that hackers can gain access to your company’s network, and how to go about repelling their forays with knowledge and patience.
- Implement Mobile Security and Secure Networking Software –Most mobile platforms have some sort of defense in place, but if you want to be sure that you and your people are working to protect your organization’s network, installing mobile security applications on each device has been proven to catch and repel malware. The use of a Virtual Private Network application adds another layer of encryption to mobile communications, ensuring that data that is sent and received from your organization’s network gets to where it needs to get safely.
Business is going mobile, and so are hackers. In order to secure your organization against all manner of threats it’s essential that you have a comprehensive network security plan designed, implemented, and maintained. At VentureNet, we can help evaluate the best options for securing your mobile connections. For more information about mobile cybercrime or to talk to us about your organization’s network security, call us today at 214-343-3550.