First, the Basics
Small and medium-sized businesses (SMB) have to juggle many priorities and daily demands. Acquiring and retaining customers. Avoiding inefficiency. Delivering excellent customer service. Managing costs. Hiring employees. Meeting government regulations. Keeping current with industry trends.
Technology can help SMBs streamline their processes, improve employee productivity, and maintain a competitive edge. But technology comes with its share of challenges, especially as mobile devices continue to take over and computing needs rapidly change.
That’s where managed services come in. Defined as specialized IT support delivered according to a clearly described service-level agreement over a fixed period of time for a low and predictable cost, managed services are the safest bet in today’s tech environment. Especially when compared with
Another week, another data breach — at least that’s what it felt like when the federal government revealed last week that the Justice Department and the Department of Homeland Security had employee information hacked.
Initial reports indicate that no sensitive information was stolen; apparently, the majority of the data breach concerned email addresses, phone numbers, and job titles for nearly 30,000 federal employees. The big difference with this breach stems from the fact that it wasn’t a cyberattack that penetrated the government’s computer systems — instead, a hacker impersonated a government employee and used their credentials to access sensitive parts of the system.
Often referred to as “social engineering,” this kind of breach involves culling personal information from social media and using it to determine passwords. Which means that even the best network security in the world — and if anyone has it, it’s the federal government — couldn’t have stopped this attack.
Of course, that doesn’t mean that certain measures aren’t critical to data integrity. In fact, without strong firewalls, data encryption measures, and reliable backup and disaster recovery systems, chances are this breach could have been much worse.
So what could have prevented this breach?
• Comprehensive password management. This goes beyond simply creating strong and unique passwords that use a random mixture of upper-and lower-case letters, numbers, and symbols. It also includes smart management of the passwords you create: using two-factor authentication whenever possible, employing a password management tool, and monitoring social media accounts and email addresses (especially those you don’t use very often) for unusual activity.
• A more diligent approach to email attachments and links. There’s no easier way for hackers to access your information (including usernames and passwords — the holy grail of social engineering attempts) than through malware installed after a user opens an infected email attachment or clicks on a link that redirects to suspicious sites. The main takeaway here is DO NOT CLICK ON ANY EMAIL ATTACHMENT OR EMBEDDED LINK UNLESS YOU TRUST THE SENDER OR SOURCE AND ARE EXPECTING SAID ATTACHMENT OR LINK.
• Implement comprehensive network security. CMIT Solutions’ philosophy on IT service is proactive, not reactive: we monitor our clients’ systems 24×7 so that we can identify, prevent, and resolve issues before they affect productivity, efficiency, and security, not after they’ve already incurred downtime. From firewalls to anti-virus, anti-spam, and anti-malware software to data encryption to content filtering and other targeted tools, we believe the “umbrella” approach gives businesses the best chance to stay secure.
• Treat your data like the life of your business depends on it. Guess what? It probably does. How long could your business operate without its critical information? How quickly would you need it to be recovered to bounce back from a catastrophic event? Studies show that backup and disaster recovery is integral to business success — the Small Business Administration estimates that 45% of companies that suffer from data loss never recover.
• If you’re in an industry like health care, legal, or financial, the smallest breach could have significant civil and criminal ramifications. A recent report by Redspin found that 98% of protected health information leaks in 2015 were caused by IT incidents, compared to just 53% in 2014, with an 11,000% increase overall in breaches — NBC News claimed that one in three Americans had their health records compromised without even knowing it. That means hackers are working harder than ever to steal sensitive information, especially in the health care realm, where one stolen record can sell for 10 times as much on the black market as a stolen credit card.
How safe and secure is your data? How about your computers, mobile devices, and other systems? Do you have policies and procedures in place to protect your business and your employees from a data breach or cyberattack? If you’re unsure of the answer to any of these questions, contact CMIT Solutions. We worry about IT so you don’t have to.
The computer network has become the mainstay of a workplace, whether it is an office, small business or a large corporate. It stores all kinds of data, confidential and general. It lends itself to various activities. It is integrated between different departments. People share information on it and use information stored in it. There is a lot of software stored on the mainframe that can be used by everyone in the network. Businesses are run via the computer system. If this system shuts down, it is akin to the company closing down till it is fixed again. If it crashes, millions of dollars will be wasted while the system is put back on track again.
The PDF, or portable document format, represents the gold standard in document sharing. PDFs come packaged with all text, fonts, and images embedded in the file, which allows them to be displayed independent of applications, operating systems, or hardware. They’re highly compressed files, which makes emailing, downloading, and printing them quick and easy. And their open standard platform means that anyone can develop, use, sell, and distribute PDF software and implementations.
On May 7th, the Department of Health and Human Services’ Office for Civil Rights rocked the health-care world by handing down $4.8 million in fines to New York and Presbyterian Hospital (NYP) and Columbia University (CU) due to a breach of HIPAA regulations dating back to 2010. This represents the largest HIPAA-related settlement to date — and it resulted from the improper disclosure of electronic protected health information (ePHI) for just 6,800 individuals. That’s nearly $706 per exposed record!
How did the breach happen? Through preventable human error, which still represents the biggest threat to health care practice security. A physician and application developer employed by Columbia tried to deactivate a personal computer server on the network containing NYP patient ePHI, allowing the protected information to become accessible on public search engines.