What’s the Importance of database security in today's business environment?

One of the questions we are frequently asked at Tolar Systems is, “what’s the importance of database security in today’s business environment?” Business owners are sometimes unsure whether such a technical sounding term is an issue for their business.

Database security is important for all businesses large and small. Often people may think that if their business is small they’re unlikely to be subject of a cyber attack, but the truth is hackers don’t care how large your business is, or what industry you’re working in. They are simply looking for vulnerabilities they can exploit. Unfortunately, for many small and medium businesses, lack of knowledge and experience around database security often result in poor security practices that leave you vulnerable to an attack.

What sorts of practices can leave you vulnerable? The list is long but it includes common mistakes such as:

•        Sharing or storing passwords in an unsecured manner,
•         Failure to install security updates and software patches,
•        Lack of routine monitoring of networks and systems,
•        Failure to monitor and manage wireless devices using your network.
• 
  

The importance of database security in today’s business environment is underscored by a series of recent attacks that impacted businesses around the world. Malicious software developed by NSA was leaked to hackers who in early May of 2017 used it to commit one of the largest “ransomware” attacks on record. Companies in more than 100 countries fell victim to the attack, which threatened to erase all company data unless victims complied with the data thieves demands for payment.

Other attacks so far in 2017 have targeted users of Gmail, customers of the restaurant chain Chipotle, customers of the business services firm Dun and Bradstreet, and users of the electronic signature platform Docusign, among many others. The types of attacks range from “phishing” attacks where an email is sent to try to convince users to divulge personal information that could then be used to gain access to email accounts, to more sophisticated attacks that enabled hackers to gain access to payment information, customer lists and other sensitive data.

When an attack like this hits a business, the impact can be devastating. A recent report by the Denver Post indicated that more than 60% of small businesses that are hit by a cyberattack will close their doors within 6 months. This alarming number is attributed to the high cost of cleaning up the damage from a cyber attack, such as paying restitution to customers, loss of business, etc. The average cost to businesses of recovering from these attacks is astronomical. For small businesses, the cost averages more than $690,000; for mid-market companies, the costs may exceed $1M million dollars.

Still wondering about the importance of database security in today’s business environment? Here are a few statistics from 2016 to consider, courtesy of cyber-attack trackers atHackmageddon:

·         More than half of all cyber-attacks are directed against individuals and businesses.

·         Although they are high value targets, government, healthcare, education and financial services make up less than 30% of attacks, due possibly to better security practices in these industries.

·         Retail, restaurants and hotels make up more than 12% of all cyber attacks.

·         More than 70% of cyber attacks are criminal in nature, as opposed to espionage, “hacktivism” or warfare related attacks.

Small business database security breaches may not be the subject of headlines, but they’re just as devastating to your business as the big attacks that make news. What’s the importance of database security in today’s business environment? It could be the difference between your business surviving, or being driven out of business by cyber-criminals.

Ransomware: The Growing Threat to Your Business

Have you heard about ransomware? It’s a growing threat to individuals and businesses across the world, and your business could be next.

How serious is the threat? On June 27, a ransomware attack affected hundreds of thousands of users in Ukraine and Russia, targeting some of those two countries’ biggest businesses and organizations, including Rosneft and the organization that manages the Chernobyl nuclear accident site.

The attack, called the WannaCry virus, exploited a previously unknown security backdoor to spread between Windows-based PCs. WannaCry was originally developed by NSA and was leaked into the dark web. There, it was obtained by cybercriminals who used it to deny access to software and systems used by more than 200,000 PCs around the world. Victims of the attack, including FedEx, Renault, Nissan and a number of American universities, were denied access to their applications and systems unless a ransom was paid in BitCoin (a type of untraceable virtual currency) to the hackers behind the virus.

So, what is ransomware, and how can you protect your business?

What is Ransomware?

Ransomware is malicious software that can deny you access to your computer by locking your keyboard, computer,applications or files unless you pay a ransom to unlock them. The ransom is usually demanded to be paid using Bitcoin, a type of digital currency that makes it nearly impossible to trace where the payment is going. This makes it very difficult to catch these cyberattackers.

These types of attacks are not new, but they’ve become more sophisticated in recent years. In no small part this is due to the fact that they’re being developed by governments (including the United States) as cyberweapons.

These types of cyberweapons were intended to be used against other governments rather than private individuals or businesses. But the WannaCry attack demonstrates the widespread damage that these kinds of applications can do when they are released into the wrong hands. It also underscores a conflict between governments and others who seek to exploit weaknesses that might allow technology to be used as a weapon, and software makers whose job it is to patch those vulnerabilities.

How Can I Protect my Business from Ransomware?

To understand how to protect your business from ransomware, it’s helpful to understand how it spreads. Usually, it spreads like other types of malware, through opening an infected attachment from email or downloading an infected file from a compromised website. Once this file has been opened, it can begin downloading files that will block you from using your computer or accessing files.

Because it spreads in this way, one of the first lines of defense against ransomware should be training users to avoid clickbait and avoid opening files from people they don’t know. But, hackers are devious and have developed sophisticated methods to work around these defenses.

Another important defense against ransomware is monitoring your network to detect malware, and using applicationsthat prevent opening infected files. Frequent updates to your network security is also crucial to ensure that your network and devices are protected against ransomware attacks.

The third and equally critical defense against ransomware is to ensure that your systems receive regular backups. If a ransomware attack does hit your business, good backup protocols will ensure that you do not have to pay the ransom. You can simply reinstall the most recent uninfected backup of your system files. To prevent data loss, these backups must be done at least daily or weekly; depending on the amount of data your business processes, even more frequent backups may be necessary.

Ransomware is a growing threat. A managed services provider like Tolar Systems can provide the training, monitoring, prevention, and backups you need to protect your business against ransomware.

What’s the Importance of Network Security to Small Businesses?

Many small business owners ask, “what’s the importance of network security to a small or medium sized business?” They may wonder whether this topic applies to businesses that don’t have sophisticated networks to manage.

We believe that network security is something that is important for businesses of every size. Two reasons are the increasing reliance of businesses on their networks and the increasing complexity of networks in an environment where more devices are connected to them.

These days, even small businesses have sophisticated network requirements, with multiple areas of your network that may be vulnerable to cyber-attack or other disruptions. Businesses may be running a simple wired network, but more often even a small business has a network that is segmented into local area networks that may include a network for guests, a wi-fi network, maybe even a local area network or LAN for devices such as environmental controls or access systems, or even wi-fi enabled coffee makers, that are connected to the Internet of Things (IOT) so that they can transmit data over the internet.

Challenges to your network security don’t end there either. Your employees may be using their own mobile devices, or using company-issued devices;security of these devices must be managed to ensure they don’t present a threat to network security.

Just as networks are more complex, so are the efforts of hackers and cyber-criminals to compromise them. And unfortunately, if they succeed, they could compromise your entire business. As more and more business processes take on an online component, whether it’s communicating via email or using a Voice over IP phone system such as Skype, the reliability of your network will become a determining factor of business success. Customers simply expect to be able to contact you when necessary and a downed network will only be tolerated for a short time, if at all.

In addition to business disruptions, the cost of data breaches associated with poor network security is getting higher every year. The Ponemon Institute recently reported that the cost of the average data breach was $211 per record, the highest figure ever recorded. 

The total cost of a breach encompassing all lost records exceeded $7M million dollars in 2016. For many small businesses that suffer such a costly breach, the damage done to the business is not recoverable. According to the same report, more than 60% of small businesses that suffer a data breach are forced out of business within 6 months, unable to recover the damage done to their finances and customer relationships.

Whether large or small, the importance of network security cannot be underestimated. Businesses of all sizes count on being able to access a reliable network to do business, whether it’s through websites, email, cloud applications or other web or mobile based platforms.That means that network security is a critical consideration for every business owner.

Yet, even as businesses rely more on their networks, network security failures can place them at greater risk than ever before. Even small businesses have websites and may be doing some aspects of their business online, such as running an e-Commerce site or running applications in the cloud. More businesses are using wi-fi and mobile devices as well – these may make your business more vulnerable to attack if not managed appropriately.

Plus, every business faces physical risks that may take your network offline just when you need it most. Fire, flood, theft, malware or even insider threats posed by a disgruntled employee can put your business at risk, even if your network security practices are generally good. For this reason, the importance of network security isn’t just about the hardware or software you use to protect against threats to your network, it’s also about having a plan in case your first lines of defense should fail. Backup planning and disaster recovery are an important part of network security that will allow your business to remain online even when security threats strike.

For businesses of any size, particularly those in vulnerable industries where you may be handling customer payment information or sensitive data about your clients, ensuring network security is of paramount importance to customer satisfaction. The long term health of your business may depend upon it.

IT Solutions for Law Firms That Could Transform Your Business

Finding competitive IT solutions for law firms that can help your business grow and compete is arguably one of the biggest challenges facing law firms today. That’s because technology is transforming the law industry at nearly every level; from how you manage documents and share information with clients and partners, to the technology solutions you choose to conference with clients and plan your billable time, to the billing solutions that track and invoice your clients.
Because the technology available in this industry is changing so rapidly, IT solutions for law firms are also changing. But one thing that holds true in spite of change is that the solutions you choose depend on the type of law firm you are, and the goals you set for your business.
What are some of the IT solutions for law firms that are transforming the industry?

Managed IT Services Outsourcing – Whether you’re a large firm with hundreds of attorneys nationwide, to a small office that only has a few lawyers, managing your technology is a big challenge. Of course, in a large firm, there is usually an IT department full of technology experts that is responsible for managing the constantly changing needs of a successful law practice.
For small firms, this isn’t the case. In a small office, the responsibility for IT may fall to an office manager whose expertise isn’t IT, or potentially even to one of the attorneys. This means that many smaller offices aren’t keeping up to date with IT solutions for law firms, and are losing out on technologies that might enhance their productivity and allow them to grow. Worse, IT issues may be getting in the way of billings and client relationships.
Managed IT services outsourcing is an IT solution for law firms that is helping to resolve these issues that face many small firms. For a set monthly fee, a managed services provider manages all the network security and IT maintenance that often impacts productivity and impedes growth. Its allowing small firms to level the playing field and compete against firms many times their size.
Cloud applications – Many attorneys have been wary of cloud applications and for good reason. The idea of sharing sensitive client information in an offsite location, even one that is well-managed, does give many in the industry pause.
However, as cloud security becomes more trusted, the cloud is delivering many viable IT solutions for law firms. It delivers access to enterprise-grade applications – such as VOIP calling and conferencing, file sharing and branded email - that were once within reach of only the largest law firms. And many of the security concerns that were once voiced against the cloud are proving to be false alarms.
In fact, for small firms that may not be following the most up to date security protocols, cloud applications may actually be a better solution.  Why? Here are three reasons:

• Cloud technology providers are security experts, because their business model depends on it. This means that when law firms use cloud solutions, their data may actually be better protected than it would be if managed in-house.
• Cloud providers manage upgrades and patches centrally, so it doesn’t fall to the law firm’s already overworked staff to manage these processes.
• Failure to regularly apply upgrades and patches is a major source of vulnerability to hacking, so in this sense the cloud is actually a more secure IT solution for law firms than data managed in house.

Cloud providers are also technology professionals, so the quality of solutions is higher; you get the most up to date solutions to ensure your data is always secure. And of course, your data is always safely backed up, protecting you from loss.
These are just two of the many IT solutions for law firms that can help to ensure that your business is more competitive and positioned for growth.

How Managed IT Services Help Small Business

Today’s business owners face many challenges. Some of the biggest challenges come in the area of IT. What technology do you need to run your business, while supporting growth and changing customer demands? How can you manage a growing IT footprint, while not losing focus on your business? And how can your business do it all without breaking the bank?It used to be that even smaller companies had to hire a person to handle these issues. Or a company owner or manager took over these responsibilities in addition to the parts of their job that were their core competency.

                       
But in the last 10 years, IT service providers like Tolar Systems of Abilene, Texas have created a better solution. The solution is called managed services, and it’s revolutionizing how small businesses handle IT.
What is Managed IT Services?
IT managed services are a set of technology services that monitor, manage and resolve technology related issues for a business. These are packaged as a complete solution to ensure that a business has the tools and connectivity to meet their business needs.
Managed IT services may include:

• Network management and monitoring
• Cloud applications and services
• Desktop and mobile device support
• Hardware and asset management
• Software patches and update management
• License management

Services may vary between managed services companies based on the managed services provider or MSP’s area of expertise or the needs of their typical customer. Managed services companies can also provide services to respond to specific business needs.
What are the Business Benefits?
Managed IT services offers many business benefits for today’s business owner. Five of these challenges include:
Cost reduction – In many cases, hiring an MSP is less expensive than hiring full time staff to manage your IT needs.
Scalability – Maintaining the right level of IT support to meet the needs of a growing business can be a challenge.
Greater IT expertise and skill - Often the IT resources that businesses hire in-house are generalists who lack depth in specific disciplines. MSPs are able to hire multiple specialists with strong skill-sets, ensuring that your business always has access to highly skilled resources to solve a broad range of issues.
Greater business efficiency – MSPs are exposed to a wide range of businesses and industries are have deep knowledge of the technology and business processes that can best support your business goals.
Reduced risk – The IT world is full of risks, from the risk of cybercrime and hacking, to the risks associated with not meeting client or customer expectations around IT. Managed services providers fully understand the costs, benefits and risks associated with IT decisions and can guide you in the right direction.
Focus on your business – For a small business, IT can sometimes create a distraction from your core business when team members spend time dealing with IT problems. IT managed services allows you to keep your focus on your business, while your MSP handles your technology related needs.
With IT managed services, even smaller businesses can get high quality, professional IT support at a price that can keep you focused and growing.