Backup Disaster Recovery is one of those things that all businesses need to have. A BDR backs up any data during the course of a disaster. Whether it’s a natural disaster such as a tornado, a hardware failure, or even an attack from a hacker. Anyone of these could permanently disable your business if you aren’t prepared or have a proper backup plan. For those of you still backing up data manually on tapes or *cringe* not at all, here are some reasons you need a BDR solution and should stop tuning out potential disasters.
First of all, a data disaster is more common than you might think and currently, 58% of SMB’s are not prepared for data loss. Even worse, 60% of SMB’s that lose their data will shut down within six months. Something that could have been prevented could potentially wreck your business. Scary to think about when 29% of hard drive failures are caused by accident. It would be silly to have a human error or a simple mishap put your company out of business.
You may have security protocols in place and your employees are well versed on avoiding things like malware. Well done. However, you’re still not protected. Human error is a large culprit in data loss. It could be unintentionally deleting items or accidentally overwriting data, but these “oops” can hit hard. Human error can result in other kinds of hardware damage like spills or even accidental reformatting. All of these things are possible and have happened to many SMB’s before you. Sometimes recovery is possible from the software platform you were using, maybe your computer has your back and caught these things. It’s still a time consuming and money wasting error to fix, even if you are so lucky to recover some of what you lost.
Viruses and malware can be a significant cause to software or hardware damage depending on what kind of bug found its way in. Usually, this can be avoided with proper employee training as well as an awesome firewall that will help filter malicious attacks. Yet another prey in the night is social engineering. This is the art of sort of conning people. Hackers have been known to get into server rooms and other data-centric areas of the business. Employees may not even notice their mistake until it’s too late. I guess the “HVAC guy” turned out being a hacker in disguise.
Sometimes software corruption can come from unknown viruses lurking around your computer. However, most of the time it is due to improper usage. Things like not shutting down the computer properly or leaving unsaved documents open. Sometimes even a power outage can trigger corruption. Once the software processes are interrupted and damaged, it’s virtually impossible to recover data stored in the software.
Did you know that 140,000 hard drives crash every week? With that kind of number, it’s just a matter of time until it happens to you. That is not a comfortable position to be in if you know you don’t have backup. Unfortunately, hard drive corruption is usually due to mechanical issues. Things like age and dust build up can (and will) cause technology to fail. We’ve all used the old laptop we still have, that’s been on its deathbed for months, freezing frequently, taking for-ev-er to load a webpage, and of course, acts as a heater for your lap or desk. All of these things are signs leading to a crash. You may not care if it’s an old hand-me-down laptop from the ’90s. But you will care when it’s your pricey equipment with all of your product data and client information being stored on it.
Finally, good old-fashioned acts of God. You can’t necessarily prepare for a natural disaster. Even if you hear the tornado siren, backing up your servers to tape will take longer than it does for the tornado to hit your business. Then what? That tape is left amongst the rubble, destroyed. This may seem like an exaggeration, but it has really happened to businesses. And even if only hypothetical, it makes for a great metaphor for any other crash within your business. This is also proof that on-site BDR’s may not always be the final protective cover to your business. You may want to consider off-site or cloud data storage to ensure protection, so your data is safe even if your equipment is destroyed.
Protect your business and keep it running smoothly and successfully. Backup Disaster Recovery options are available for all kinds of SMB’s and their needs. Don’t wait to be taught a lesson by the “big one” (as most California residents say). Protect your important data and enjoy the peace of mind that comes along with it. You’ve worked too hard to get your business where it is, protect your hard work.
Cybercriminals use social engineering every day to attempt to hack into people’s personal information. Chances are, you have seen all three of these attempts sometime during your lifetime. Social engineering is slightly different though because it preys on the human condition. Attempting to gain trust and manipulate people. This way it’s even easier to have someone almost willingly give out personal information. In general, there are three major ways that cybercriminals use social engineering to steal your info.
The first is via email.
This is one of the most prominent ways that information is stolen. This side of social engineering has been around nearly as long as emails have and its guaranteed that anyone with an email account has seen at least one of the many phishing scams that come from cybercriminals. Perhaps a Nigerian Prince would like to wire you a ton of money because his inheritance is wrapped up in the bank for some reason. All you need to do is pay a few fees to receive the money and you get to keep a portion of his millions. Totally legitimate right? Or maybe the bank needs you to confirm your account number and social security number because of an “account breach”. Why not right? The bank is a legitimate business, it must be real, even the email looks real. Better yet, wouldn’t you love to be a secret shopper? Receive a check for $1000, cash it, and perform a job. Innocent enough right? Not after you wire initial costs and attempt to cash a bad check. These are just some of the ways social engineers prey on unsuspecting and trusting people. If sending money or willingly giving up information isn’t involved, then there is usually malware within the email. The links that can be clicked on will deploy malware to infect your computer files and obtain information about you. It’s amazing how prevalent these scams are. But if you’re educated on them, you won’t become a victim.
Next is posing as someone you know.
This can take several different forms, however the most obvious is copycat Facebook profiles. This is another prominent scam that cybercriminals use to trick people into thinking they are receiving a friend request from someone they know. The profile will often contain a few photos from the original person’s profile so it looks a tad more real. As unsuspecting friends add this profile, it begins to look more legitimate because of similar friends and associates. This profile can ask for money or send links containing malware to infect your computer, or even corrupt your Facebook profile gaining access to personal information. Another way cybercriminals can gain access to your information is by posing as someone within your company. They can send an email that looks like it’s from your boss when really its fake. Usually, something about the email address will be a bit off, if you’re paying attention. Letters are swapped around or a .net becomes a .com at the end of the email. As soon as you open it or click on a link, there goes malware infecting your computer. This scam is usually highly effective because it gets sent to everyone in the company, and people often take it as real from the boss.
Finally, a newer way for cybercriminals to target people is through advertisements.
Considering ads are pretty much everywhere online now, creating ransomware ads is incredibly easy and a bit difficult to spot among the hundreds of people see every day. For this type of social engineering, cybercriminals literally deploy ad campaigns showcasing a product or a service. When you click on the ad, it downloads malware or ransomware onto your computer. Most of the time these ads are for anti-virus software or a pop-up will come on your computer saying your computer has been infected and to click the link to clean the virus. Tricky, tricky cybercriminals.
The key to these three general social engineering styles is to become educated on them and keep an eye out for anything that seems off. It certainly pays nowadays to be diligent during your time on the internet and pay attention to everything. If something seems strange or wrong, avoid it until you are certain it is safe. Try not to click on any links inside of emails unless you are sure, and trust the sender. If you get a friend request from someone, look over their profile and ensure its real. Check out their friends, photos, and posts to ensure they aren’t fake. Then finally don’t trust any anti-virus pop-ups or ads. Make sure that you make educated decisions while surfing the internet, stay safe out there!
Most people are aware of terms like phishing and malware, but do you know those are a part of a larger scheme called social engineering? This is not a new kind of fraud, in fact, it’s been used for many years to manipulate a wide range of people into giving up important data about themselves or the workplace. A prime example of social engineering goes back to Greek mythology with the Trojan horse. They infiltrated the city of Troy with a “peace offering” filled with soldiers, thus winning the war.
With technology at the forefront of our lives, social engineering has entered a new era. Physical human interaction is not necessarily required anymore. These criminals can gain information through emails, pop-ups, and public Wi-Fi networks, to name a few. The main objective is to influence, manipulate or trick users into giving up privileged information or access within an organization. They are doing this right under your nose, and if you’re not paying attention you will be a victim of this as well.
With technology at the forefront of most businesses, external threats are becoming the benchmark for social engineers. They can hack into core business processes by manipulating people through technological means. There are so many ways for social engineers to trick people, that it is best to ensure you are well versed in some of the ways they can hack your system.
First of all, baiting can be done both in person and online. Physical baiting would be a hacker leaving a thumb drive somewhere at a business, then an employee picks it up and plugs it into a computer. Could be curiosity, or simply thinking a co-worker left something behind. However, as soon as the thumb drive gets plugged in, it will infect your computer with malware. The online version of this could be an enticing ad, something to pique interest. Things like “Congrats, you’ve won!” Also, there is scareware, in which users are deceived to think their system is infected with malware, saying things like “Your computer has been infected, click here to start virus protection.” By clicking on it, you unintentionally downloaded malware to your computer. If you understand what you are looking for, you can usually avoid these situations.
This is probably one of the most popular social engineering attacks. Fairly generalized, this usually comes in the form of an email. Often, they ask the user to change their email or log in to check on a policy violation. Usually, the email will look official and even take you to a site that looks almost identical to the one you may be used to. After that, any information you type in will we transmitted to the hacker. You just fell for the oldest online hack in the book.
Similar to generic phishing, spear phishing is a more targeted scam. This does take a little more time and research for hackers to pull off, but when they do it’s hard to tell the difference. They often tailor their messages based on characteristics, job positions, and contacts belonging to their victims to make their attack less conspicuous. This could be in the form of an email, acting as the IT guy with the same signature and even cc’s to co-workers. It looks legitimate but as soon as you click the link, you are allowing malware to flood your computer.
Originally, social engineering took place in a physical setting. A hacker would do some preliminary research on a company structure or focus on behaviors in order to get that initial access into a building, server room or IT space. Once they have a “foot in the door” so to speak, obtaining pertinent data or planting malware becomes that much easier.
Often, they will enter a building without an access pass by simply acting like an employee that left it at home, this technique is known as tailgating. The only credential they need is confidence. This can also include a hacker posing as an IT person and conning people into believing that to be true so they can gain access to high-security areas. This is far easier than it sounds too. You can find company shirts at your local thrift store, exude confidence and gain access.
Another interesting process hackers use to con their way into a business is by creating a hostile situation. According to PC World, people avoid those that appear to be mad, upset or angry. So, a hacker can have a fake heated phone call and reduce the likelihood of being stopped or questioned. Human psychology really is a tricky thing, isn’t it?
Then of course, the more you know about someone the more likely you are going to gain the information you need from them. This involves everything from scoping out parking lots, observing the workspace and even dumpster diving. Nothing is safe anymore and your life is not always as secure as you’d like to think. Something as innocent as a bill can be used to harvest more information about a person.
Similar to online phishing, pretexting is a popular fraud tactic for phone calls. Often, they will disguise themselves as an authority such as a bank, tax official or even police. They will probe you with questions that could lead to giving up information that could compromise your identity. This personal information can be used to find out a whole slew of things. Not only can they get away with your money immediately, but they can also easily steal your identity with pertinent information like social security numbers or banking information.
Social engineering can be prevented by being educated in it. With so many different ways to steal your important data its imperative that individuals and businesses go through some sort of training regarding these issues. However, on a day to day basis, getting into certain habits can help. First of all, pay attention to your surroundings. Remember that physical social engineering still exists and you don’t want to be the one that caused your business corrupted data. Next, do not open emails or attachments from suspicious sources. Moreover, if a legitimate-looking email seems slightly suspicious, go to the source and find out for sure if they sent it. Also, multi-factor authentication can curb fraud immensely. One of the most valuable pieces of information attackers seek is user credentials. Using multifactor authentication helps ensure your account’s protection in the event of system compromise. Furthermore, if an offer seems too good to be true, it probably is. Don’t click the link, you didn’t win a cruise. Then finally, keep your antivirus and/or antimalware software updated at all times. This is the best line of defense if for some reason your system has been compromised. For the most part, use your best judgment and common sense. Social engineers have gotten very good at their jobs, but that’s okay because you’ve gotten very good at yours too and can combat these sneaky hackers.
Have you ever received a Facebook friend request from your mom even though she is already a friend of yours on Facebook? So, you call her up to make sure she didn’t forget her password again and just create a new FB page. Then right after that, “she” sends you a video link saying you’re in a YouTube video. You think, “Well dang I didn’t think she even knew how to use messenger”. As the confusion mounts, you realize, momma’s FB has been cloned in an effort to hack your account. Not today hackers!
In this day and age of social media, there are two very specific ways hackers compromise your data. Cloning is the first. This is when someone makes a social media account by using someone else’s identity. You’ve all seen them, mom is already your friend on FB but now you’re receiving another friend request from her. The new page has one photo, no posts and a handful of mutual friends that fell for the fake profile. This within itself is not hacking. It’s incredibly easy to copy a photo and create a basic FB page with basic information. The idea behind cloning is to get you to think this is your friend or loved one so they can hack your information. Social engineering can come into play, asking mutual friends for money – saying you’ve been arrested. Another way is by having the clone account send malware to friends.
This exact situation happens more often than not, but what does it have to do with your business? Mom may not work with you, but take her lesson as a valuable warning. When Facebook account funny business, a multitude of things could occur, compromising your business, clients and other important data you may have stored. Imagine receiving a message on your company Facebook messenger from a friend saying “you’re in a YouTube video”. The link is readily available, you have the urge to click on it, it could be bad PR right? So, you click it and instantly, the malware takes over your computer. Passwords and logins are automatically stolen from you and in the hands of hackers. Not good. This could compromise payment methods or pertinent company information. This hacked info could turn into full-blown social engineering if you don’t pay attention. The worst part is that almost everyone on your friend list will get bombarded by a similar message creating a domino effect. It’s terrible to infect your loyal followers and you’ll see a lot unfollow you because of the inconvenience.
Facebook is not the only platform to worry about, in fact, Instagram, Twitter, and Snapchat have all fallen victim to hacks. One huge reason for this is because people don’t know better when it comes to security information. Social media is so easy to use that people often forget that information can be compromised. Careless clicking is another culprit. Aren’t you curious what your favorite coffee says about your personality? Its quizzes and fun time wasters like this that allows hackers to access information. So simply clicking on these silly things opens your account to malware and in some cases ransomware. Users have reported being locked out of their accounts, accounts being deleted and some even being held for ransom until users paid the hacker. If you are using these platforms for business, you must be extra leery about what you are clicking on. It’s a terrible day when the content on your social media disappears over an avoidable breach.
These things don’t have to happen to you as long as you are smart about your social media. Make sure whoever is running it is well trained in cybersecurity. Also, ensure your passwords are strong and not easy to hack. Then go check on mom and give her a fast and efficient cybersecurity breakdown. This subject seems obvious, but the amount of people that get hacked each year as well as the amount of stolen data continues to grow. Hackers are also constantly looking for new ways to take information. Be vigilant and up to date on current trends. Protect your business from these sly social media mongers.
Not so long ago it would have been ridiculous to ask a new employer to give you free TV, free Movies, free Mail, free Music, and a free TV camera and crew at your house in case you wanted to work from home and conduct a meeting with coworkers. Yet, with the internet, all of these things and more are at the fingertips of most office employees. And a growing number of employees will use some or all of these services for personal use while under your roof and on the clock.
Many employees use much more bandwidth than is necessary to do their jobs. But as a business owner, what can you do about it? First of all, you’ve got to let your employees know that bandwidth is a commodity. Just like electricity, water, and leasing building space, bandwidth is a necessary expense you need to keep your business running. But unlike all the others, the amount of bandwidth you truly need varies based on the workload. But it can also be overused by employees who stream videos, stream music or play video games between completing company tasks. So, who are these Bandwidth Bandits? Let’s take a look at the most likely culprits.
VIDEO: Does your company upload or store video content on a daily basis? Many companies do these days, especially for Marketing and Training purposes. But what about the videos that are being watched in-between company projects? Viewing TV shows or movies online uses about 1 GB of data per hour for standard definition video, and up to 3 GB per hour for HD video. Downloading and streaming consume about the same amount of data. And since just about everything online is HD quality, you can see that video content is usually the guiltiest bandwidth abuser in your office.
WIFI: Everything that is available to your employees through their internet connection is available through Wifi. But the extra signal drainers Wifi puts on bandwidth are the users who connect their phones to wifi so they can save on their personal data plan. So at no extra cost to them, they can watch streaming video on their phones. Some people also use their phones to play streaming video games while on, (or off), their lunch breaks. Just being connected puts a small drain on your Wifi, but all the rest can slow your network down to a crawl.
THE CLOUD: Using the Cloud adds a lot of flexibility to your business. And the scalability allows you to tailor your bandwidth needs as your company’s needs grow or shrink. But the amount of bandwidth usage varies as more and more files and programs are shared through the Cloud. With subscription-based software programs becoming the norm, there’s data floating in and out of your employee’s workstations all day. And if you use heavy-hitting data drainers, like HD video files, that are shared between two or more employees, your Cloud gets weighed down fairly quickly. If not monitored properly, excess data usage through the Cloud can clog your system like hair in a bathtub drain.
FILE SHARING: Gone are the days when you had to copy a large file onto an external device, a CD or DVD if you wanted to share it with someone. Today there are no files too large to be shared through services like Dropbox. But these large files can slow down your network if you’re not careful. Even sharing smaller files, like documents, photos or audio files will each take a slice out of the bandwidth pie. Basically, every item that is shared with someone else will take away a chunk of bandwidth until the transfer is completed.
VIDEO CONFERENCING: Whether you’re working from home, meeting with clients, or even interviewing potential new employees, Videoconferencing is defiantly a tool that makes good business sense. Many business trips have been replaced by video conferencing, and that’s good for your budget. But now you’re sending that information through your internet connection, and that needs to be factored in. But the good news is that video conferencing costs a lot less than travel, so spending a little more on bandwidth is probably the most cost-effective way to meet with people one on one.
STREAMING MUSIC: Many people enjoy listening to music while at work, and if the company allows it, then it’s no big deal. Right? Well, mostly right. Problems may arise when the streaming music is left running 24 hours a day. And the more people stream music the more it will cause a drain on your bandwidth. Even though music streams at a low data rate, some services allow users to store their music files on The Cloud, and that causes a bump in the data flow. Accessing personal music files and streaming Internet Radio may not take up too much bandwidth, but the missing factor is the number of employees who are constantly listening to music. If most of your employees listen to streaming music then data usage should be monitored so you’ll know if this might be an issue for you or not.
EMAIL: Not too long ago, sending email was a big deal for businesses. When email was a new function, it was the largest drain on bandwidth business owners had to deal with. And if you attached a photo or a document to the email, guess what happened? It took forever for the attachment to transfer its data through the internet connection and get sent along with the email. But today’s much faster internet can handle multiple emails and attachments that were impossible to send just a few years ago. But even though email is a low data user by today’s standards, it still adds up in the overall data usage throughout the workday.
SOCIAL MEDIA: Humans are social creatures, and they search out ways to stay connected to people they are close to. Social Media gives us many ways to stay in touch with others, but in the office, that comes at a price. When business owners calculate the bandwidth requirements for start-ups, they often don’t factor in their employee’s Social Media habits. Sure, most functions utilized through Social Media don’t use much data at all. But, increasingly, video attachments are sent along with a text message. Even in a compressed state, video files are among the greediest bandwidth thieves.
As you can see there are many ways your bandwidth is being used throughout the day. And it can impact your business in a variety of ways. For example, just a few years ago it was taboo for employees to spend time watching videos on YouTube or looking at pictures of their nephew’s graduation on Facebook. But today it is generally accepted that employees will spend some time doing these things.
As a business owner, you can place limits or controls on these habits, but these actions may cost you in other ways. Employee morale is linked to social media habits, and if employees can’t stay in touch with their friends on your time, they’ll probably take more breaks than they used to so they can wish Aunt Edna a Happy Birthday.
It’s your challenge to find a balance between the bandwidth your business needs and the bandwidth your employees need. As the one who writes the checks, it may not seem fair that you’re funding someone else’s social media habits, but in today’s business arena it’s the price of doing business. And if you use Social Media sites as part of your Marketing Plan, well, you’re probably helping your business grow by letting your employees tell everyone online how much they enjoy working for you.