So many big, expensive cyber attacks have taken place in the last few years that it’s hard to remember them all – when will we learn our lesson?
Cyber attacks are common ground these days. There was the Chase Bank breach of 2014, which exposed the financial information of 76 million Chase customers. This attack was set to target 10 major financial institutions in total, but only one other company reported that data had been stolen. This company was Fidelity Investments. Though the attack caused serious repercussions for Chase Bank, the damage could have been much worse. Four hackers (two from Israel) were eventually arrested.
In the Sony Pictures data breach of 2014, over 100 terabytes of data was stolen by North Korea. This attack was about more than just getting the personal information of consumers. The attack occurred because of a movie that Sony Pictures was set to release called “The Interview”.
The movie, starring Seth Rogen and James Franco, was a fictional story about two journalists who go to North Korea to interview Kim Jung Un. The two men actually work for the CIA and are planning to assassinate the very well-known but unpopular leader. It was believed that North Korea’s leader ordered the cyber attack on Sony Pictures to show his displeasure and disapproval of the film. In addition to the personal information of Sony executives and other employees, hundreds of photos and emails were released to the public. These highly personal items caused a massive amount of embarrassment to Sony’s top executives.
Americans were affected. In addition, an unknown number of consumers from Canada and the UK were affected by this breach. Were there any signs that an enormous data breach like this might occur?
A report issued in October of 2017 by Motherboard, found that Equifax had certain vulnerabilities due to an online portal created for employees. Researchers discovered that the Equifax website was highly susceptible to a basic forced browsing bug. A researcher from Motherboard said that he didn’t even have to do anything special to infiltrate the system. It was far too easy to get in.
“All you had to do was put in a search term and get millions of results, just instantly—in cleartext, through a web app,” the researcher said.
In spite of this information being available to Equifax, it took them six months to close the portal and shut down these vulnerabilities. In this day and age, it’s unthinkable that organizations as sophisticated as Equifax might be so lax in their data security.
Target Stores lost millions of dollars when they had to reimburse customers for their losses after their 2013 data breach. In addition to that, a class action lawsuit was settled for roughly $10 million. As if that wasn’t enough, 20-30 percent of Target shoppers said they were worried about shopping online at Target stores after the breach.
Many data security experts believe that cyber weaknesses like this are far more common than the public believes. In an era when everyone should be fully aware and taking every precaution to prevent a data breach, numerous large corporations remain at risk.
After all is said and done, most people would expect any organization that has experienced a cyber theft to drastically improve their cybersecurity. Large, expensive data breaches leave an organization open to legal action, plus they’re embarrassing. Consumers say that they are less likely to do business with any company that has been a victim of a cyber breach.
But has that really happened? A new study performed by CyberArk reveals that 46 percent of all companies who have experienced a cyber breach have not substantially updated their security policies.
This failure to learn from past mistakes has the public truly baffled. In some cases, IT professionals have been interviewed and asked why they haven’t greatly improved their cybersecurity. Over 30 percent of these pros said that they did not believe it was possible to prevent all cyber-attacks. This indicates that even security experts aren’t sure what to do to stop future attacks from occurring. But, should we simply make the decision not do anything at all?
A 2018 report from CyberArk called, “Global Advanced Threat Landscape Report”, indicates that at least half of all businesses and organizations have only taken the basic security measures required by law. Though their public relations department may say they are taking every precaution to protect customer data, this is probably not true. In addition, 36 percent of respondents in the report said that administrative credentials were currently being stored in Excel or Word docs. These documents would be easy to obtain by any hacker with average skills.
The Global Advanced Threat Landscape Report also reveals that the number of users with administrative privileges has jumped from 62 percent to 87 percent over the past few years. This points to the fact that many companies are opting for employee convenience over data security best practices. This is an alarming statistic given the soaring cost of cyber breaches.
The new AT&T Global State of Cybersecurity highlights many of the critical gaps that remain in our cybersecurity strategies. IT infrastructure and critical data must be fully protected, including credentials and security answer keys. In most organizations, those in higher positions are given greater access and authority to online data and this equates to heightened risks of a cyber breach.
According to Alex Thurber, Senior Vice President and General Manager of Mobility Solutions, “If 2017 has taught us anything, it is that every device needs to be secured because any vulnerability will be found and exploited”.
The company is set to sign a deal with Punkt Tronics to install better security on smartphones, Blackberry devices, and other electronic devices. With consumers spending more and more time browsing on their cell phones, all mobile carriers are searching for ways to better protect their customers from hacking.
A great increase in the sale of anti-virus software and password managers demonstrates a strong resolve by consumers to incorporate stronger security measures into their everyday lives. Innovative technology is producing a new generation of security software that combines threat defense techniques and other more conventional means of cybersecurity. Though some of these techniques are having an impact, experts believe there’s much more to be done.
As our society becomes more aware and more prepared, even stronger security for IT systems will be developed. Until then, security experts urge the public to be more cautious about clicking on links. Employees at any company need regularly scheduled security meetings where they are educated and reminded to utilize best practices when using smartphones and computers. All programs should be updated regularly with software updates and fixes to known bugs. Create difficult passwords and change them every 90 days. These are just a few of the ways that consumers can stay safe while surfing on the internet.
When was the last time you thought about technology and the role it plays in your business success? Strategic IT Budgeting and planning for the tactical use of technology resources will bolster your business efforts to establish a competitive advantage. Just as you develop and adjust your annual business plans, you should do the same when it comes to IT planning and budgeting.
Technology is now a part of nearly everything you do, and it involves much more than computers. With the advent of artificial intelligent (AI), the Internet of Things (IoT), big data, business intelligence (BI) and Voice over Internet Protocol (VoIP) phone systems, the line items for IT may take up quite a bit more space on your balance sheets than before.
With information technology changing so rapidly, it’s sometimes difficult for business owners to anticipate what they will need for optimal performance in years to come. In the past, it was easy to budget for technology. You simply purchased the number of computers and software programs you needed to handle the basics. Today information technology is central to most all of your business processes. What you choose and how you choose to use it can mean the difference between success and failure. But how do you anticipate what you’ll need tomorrow?
In today’s competitive environment, businesses must rely on technology in order to compete and survive in the marketplace. With computers, the Internet and the availability of more software applications, productivity has been increased for many. Technology helps employees become more efficient, quick, and precise.
Information can now be relayed instantaneously, coworkers can collaborate on projects in real time from wherever they are, and businesses now have the ability to more easily spread their services throughout the world. We can no longer function without our computers, laptops, tablets or phones. Even our smartphones have the capabilities and apps that allow us to run our business from anywhere we have cell service.
You can cut labor costs by using computers and software programs for payroll, project management, and accounting. Instead of budgeting for hours of labor, you now need to budget for computers and programs. In the long run, this is money-saver for businesses of any size.
With IT shifting from just another piece of equipment in the office to the core of business operations, you should designate it as a central part of your budget. This also means that you must assess and clearly define how IT aligns with your business objectives to decide what you’ll need for the coming year(s).
Proper IT budgeting will help you lay a foundation for success for the future. Using the right IT solutions can help you:
Before you start, you must determine what your business will face in the coming year(s).
Will you be:
Hardware – This is the backbone of your IT infrastructure – The actual technology equipment you need to run your business. Be sure to include installation costs and maintenance in your calculations for items like the following:
Software – These are the business applications you’ll need to run your business. Be sure to include licenses and support contracts for your on-premise solutions.
Subscriptions – These are any costs associated with subscription-based services like cloud solutions. They include options like Workstation as a Service (WaaS), Software as a Service (SaaS), Security as a Service (SecaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and more.
Services & Support – This is the cost for services required to support all of your IT operations. It may encompass expenses for in-house IT employees, or contracts with a Managed Services Provider who will maintain all your IT infrastructure needs. Expenses may include:
Project Costs – These are initiatives to transform or improve operations to support the growth of your business, and may include:
Now it’s time to compare your current IT capabilities with what’s needed to meet your business requirements for the upcoming year(s). Once you identify the gaps, you must align them with what your budget allows. You might not be able to purchase all of them. Make a list of the “must have” and another of the “would-like-to-have” technology assets. Go for what will give you the best return on your investment (ROI), and what you “must have” to keep your data secure and business running efficiently.
Implementation planning is critical as it lays out the steps you’ll take to complete your IT Budget for the year. You should contract with an IT Managed Services Provider to help you acquire, install and deploy your new IT solutions. The best ones will offer a payment plan that allows you to pay for the services you need on a monthly basis. And, don’t choose just any company, or one according to their prices. Also, make sure they aren’t a “fix-it-and-go” company. You want an IT partner who will be with you 24/7. Ask your business associates for referrals, check the testimonials on the MSPs’ websites, and certainly interview more than one.
Can they provide for your IT needs?
Consider your current IT support needs and how these might change in the coming year. Also, consider how these needs will change beyond next year as your business grows. Make a detailed list of your IT service and support requirements and objectives to determine if the IT provider can meet, and even, surpass them.
Look for an IT company that’s located in nearby
This affects the speed at which the company can respond onsite when IT emergencies arise. They should have the ability to handle all of your concerns and provide solutions thoroughly and effectively.
To keep your IT budget under control, look for an IT Managed Services Provider who provides fixed-rate, all-in-one IT services. This is the only way you can accurately budget for IT services in the coming year(s).
Choose an IT company that provides 24/7 support, as well as onsite and remote service
With around-the-clock service and support, you’ll always have the assistance you require when IT issues arise. Also, ask if they can remotely identify and block cyberattacks, and address IT problems before they cause downtime, breaches or data loss.
Are their service technicians certified, knowledgeable and experienced?
Visit the company’s website to assess the experience they have, how long they’ve been operating and what services they provide. Check the testimonials on their website and online reviews. Ask if you can contact some of their customers to ask their opinions about the service they receive.
Ensure you’ll receive the value you require from an IT MSP
The cheapest provider isn’t always the best. Before you sign a contract with an MSP, ensure it includes any and all contingencies that may arise and details about how services are priced and delivered. Your IT provider must also be capable of aligning technology services to meet your budgetary guidelines and ensure that you’ll receive maximum value from your IT investments.
Look for an IT company that offers training on software, hardware, and security
It’s essential that your staff is thoroughly trained on your systems and software, as well as Security Awareness Education to avoid being victimized by hackers. This will increase their confidence, capabilities, and productivity, and provide a first-line of defense against cyber threats.
Will they assign a dedicated account manager to your business?
This is a representative from the MSP who will act as your main point of contact. This person can get to know your business and your requirements in detail, to ensure you receive the exact service you need.
Do they provide monthly reports?
You must stay informed and aware of the performance of your IT assets. You’ve invested a lot in them, and you must be kept apprised regarding their capabilities and value. These monthly reports should highlight which solutions are performing well, and which ones need improvement.
Can your MSP act as your IT Consultant and Strategist?
You can greatly benefit from an IT Consultant who operates as an extension of your business. They can liaison with vendors and provide strategic technical advice to ensure your IT investments are providing what you need. They can assist with your IT budgeting and help you plan ahead and take advantage of the best prices.
IT Budgeting is an Ongoing Process
You shouldn’t think of IT budgeting as having a start and finish. It’s an ongoing process with a series of do’s and don’ts. No plan is 100% correct, and if you run into obstacles you should modify your budget. Budgets are often modified after they are prepared as we discover things we didn’t know before. You must find what works, what doesn’t and make adjustments along the way. Your IT budget will go through cycles as your business needs grow and change, and as the opportunity to take advantage of new, innovative technologies emerges.
Selecting a company to maintain your technology is one of the most important decisions you can make for your business. You must find the most competent and reliable IT support provider in your area.
How do you know if the IT company you’re considering is right for your business?
Some technology companies call themselves the best, but they haven’t kept up their certifications. This is important because the latest certifications validate the skills that their techs learned in their training. With all the cyber threats and new IT solutions today, it’s critical that your IT provider is up to date on their skills.
Don’t just pick a company off the Internet because they’re the closest one to you. Do your research to find out if they are truly qualified to protect your data and meet your organization’s unique IT needs.
The following are some key questions that you should ask any IT provider you’re considering for your business.
Parkway’s Legal IT Support Consultants Provide Security in the Cloud That Keeps Law Firms In The Winston-Salem Area Free of Embarrassing Security Breaches
The question of the hour for attorneys and law offices is clear: What do law firms need to do to make sure they aren’t making headlines with a security breach? A good follow-up to this question is, who provides security in the cloud that keeps law firms free of security breaches that can cause reputation damage and even liability?
For Parkway’s legal IT support specialists, that’s an easy one to answer.
We provide all the security in the cloud for law firms who want to stay free of data breaches.
How do we do this?
Well, it begins and ends with a strategic IT manager like our legal IT consultants who can successfully guide you to Total Data Security in the Cloud that provides round-the-clock data protection.
What Do Law Firms Need to Know About Cloud Computing?
Cloud computing, broadly defined, is a category of software and services delivered over the Internet rather than installed locally on a user’s computer. The cloud offers a variety of potential advantages including:
Because of cloud computing places data–particularly client data–on remote servers outside of the lawyer’s direct control, it also causes for some concern regarding client confidentiality and the applicable rules of professional conduct.
We’ve collected a variety of excellent resources from the ABA Legal Technology Resource Center and the ABA Law Practice Management Section to help you address the questions and concerns you may have regarding cloud computing.
Every law firm has two major challenges. One of them is the storage of the sheer volume of data their business creates and the other one is the protection of that data, via security in the cloud and other systems. The last few decades’ have seen a rise in technology which has presented very solid solutions to these challenges (if you know where to find them).
A small computer disk, for instance, can hold terabytes of data inside an enclosed drive. If that seems like too much, the cloud has offered an off-site solution to the problem that eliminates hardware maintenance. Before these solutions came along, information could only be saved on paper that filled boxes and boxes.
Security in the cloud is a much more complex challenge. Before, you could lock those boxes of papers in an office, turn on the burglar alarm and go home. Someone would have to physically go there and break into your office to steal that information, and it would be noticeable when they walked out carrying boxes.
Now, all that’s required is some knowledge of computers and software, and someone can hack into that material from afar. They don’t even have to be in the same country, much less in the same city or neighborhood. Therefore, the unintended consequence of a solution for one problem has resulted in the creation of another, yet much more serious problem: the loss of data security.
Now the technology must be managed systematically and monitored very closely. That is why law firms need security in the cloud – and, we propose, managed IT services via a trusted law firm IT support partner.
Security in the Cloud Advantages for Law Firms
Here are some advantages of having a Law Office focused Managed Service Provider or MSP handle your IT and cloud security needs:
Given the nature of the information that law firms are entrusted with, security can’t be overemphasized. Breach of that information can ruin lives, sometimes irreparably. That means damage to your professional reputation as well as the bottom line. So how can managed services for law firms prevent that from happening? By being proactive. Your core business is to provide legal services to your clients.
Worries about security in the cloud and in your IT systems should be the last thing on your mind. That’s why we’re there to prevent viruses and any other suspicious activity that might bring your systems down. Their software applications are capable of alerts whenever something unusual is taking place inside your networks.
With secure cloud computing, you also get:
In short, the peace of mind that an MSP who specializes in law firms across Winston-Salem can provide will not come from the “break-fix” computer services guys – it’ll come from seasoned experts who can objectively assess and remedy all IT contingencies, long-term.
Get Your Law Firm Security in the Cloud It Can Trust
Just call our legal IT consultants today for more information on how our we can get your law firm security in the cloud you can trust to consistently deliver optimum security, performance, and product assurance.