Disaster Planning 101: A Guide to help you plan for the worst

IT disasters are devastating to the infrastructure of any organization.  In a modern office environment IT is the hub of any type of business.  Disasters can disrupt IT processes to the point that businesses are significantly impacted.  When it comes to disaster recovery many firms believe they will never need a back-up plan; convincing themselves that the likelihood of their organization being affected is minimal.  In reality, threats to your IT infrastructure are growing no matter what segment of the economy you operate within.

In each sector an IT disaster can be classified into two different categories: Natural, such as floods, tornados, or earthquakes; or man-made, primarily sabotage or cyber-attacks and more benign causes like human error or power outages.  Whatever the cause of your IT downtime, a comprehensive Disaster Recovery Plan is the key to getting you up-and-running in an efficient manner and with the least amount of disruption.

While every organization has its own unique structure and needs, there are a few key areas that must be considered before deploying a Disaster Recovery Plan.  According to the National Institute for Standards and Technology (NIST) special Publication 800-34, Contingency Planning for Information Technology Systems, a comprehensive structure for an IT disaster recovery plan begins with the following:

  1. The plan development team should meet with the technology team to establish the scope of the plan.
  2. Gather all relevant network infrastructure documents (network diagrams, equipment configurations, databases, etc.)
  3. Obtain copies of any existing IT and network DR plans (if any) as well as any history of previous outages and how they were handled.
  4. Identify the most probable threats to the IT infrastructure, e.g. fire, power loss, human error, cyber threats.
  5. Identify the most serious vulnerabilities such as lack of backup power, out dated copies of databases.
  6. Identify what are the critical IT assets.
  7. Determine the maximum acceptable outage time.
  8. Choose your IT Disaster Recovery Technology. Choices range from onsite backups to enterprise level cloud disaster recovery. The best recovery strategy depends on the most likely threats to any given organization’s IT operations and resources.  The most robust strategy is a fully mirrored recovery site at a physically separate facility.

A quick glance at the news will tell you that you cannot afford to hope for the best when it comes to disaster recovery planning, but where do you even begin?  An incomplete plan will not serve you well in the case of a disaster.  At Net Works we will partner with you to craft your unique Disaster Recovery Plan.  Business continuity is too important to ignore!  Don’t risk your organization with poor preparation.  Get Net Works in your corner.

Disaster Planning for 2017

We’re here to help you plan for a great 2017!  This includes evaluating your Disaster Recovery Planning.  At Net Works we take your backup data seriously with daily audits to ensure your backup data is secure and that if anything happens that we can recover your data with minimal downtime or disruption.

 

Ask yourself “what would happen if someone came and took your server out of the office?”  Can you say how long it would take to bring you back up and running again?  With our Disaster Recovery we can provide predictable up-time for you and your business.

 

Schedule a no cost review to be sure that your data and information are secure and backups are properly maintained!

 

 

Cyber-attacks right under the Christmas Tree!!!!

2016 has been filled with news of cyber-attacks and hacking.

  • In February the Central Bank of Bangladesh was the victim of a cyber heist that resulted in $81 million in losses and another $850 million in halted transactions.
  • In July, the Democratic National Committee’s email servers were breached. The resulting leaked emails caused much embarrassment and lead to the resignations of some of the organizations key officials.
  • In September, Yahoo announced that half a billion of its users’ accounts were hacked back in 2014 thus gaining access to names, email addresses, phone numbers, dates of births, and in some cases, even security questions and answers. This event alone exposed 500 million people to potential identity theft.
  • In October, major websites went down due to a massive attack on one of the backbones of the internet; thus leaving Twitter, PayPal, Spotify and many businesses hosted by Amazon Web Services unable to function.
  • Over Thanksgiving weekend, the San Francisco rail system was hacked allowing riders to ride for free while a hacker held the system hostage with the use of Ransomware.
  • Most recently, Google announced that upwards of 1 million user accounts were compromised with the use of “Googlian” malware on Android powered smart The company warns that 13,000 additional devices are being infected every day.     christmas-bulb

The news is continuously flooded with reports of cyber-attacks and it is clear at this point that no one and no business is immune to the dangers of the hacker community.  With the onslaught of cyber-crimes, what is a SMB owner to do?  You have taken what you feel are the necessary steps to keep yourself safe; installing firewalls and communicating to employees the importance of strong passwords.  Even though you have taken these steps, you could still be victim of a hackers.  Here are five clues that you and your network might have become victims:

Clue 1) Slow internet connection. When hackers gain access to your network they begin to use your bandwidth for their own purposes.

Clue 2) Unauthorized programs have been installed on your network.  If you notice an unfamiliar program that was not authorized, documented or installed by anyone within your organization, that’s a sure sign that a hacker has invaded your network.

Clue 3) Spam emails are being sent from your company computers and email accounts.  Spam emails look legitimate because they are coming from your trusted email address.  Many of your customers may open them, annoying your subscribers and possibly leaving them open to security threats of their own.

Clue 4) Unfamiliar programs are requesting access to your network; or your Firewalls or other security programs have been uninstalled.  If your security systems are dismantled, unfettered access to your systems may be allowed to wreak havoc in your network.

Clue 5) Visitors to your home page are redirected to another site or antivirus solutions are flagging your site.  An internet search for your site results in error messages that warn the searcher that malware has been detected on your site.  This warning means that hackers have certainly uploaded some sort of malicious software to your system.

If you have noticed ANY of these signs, do not wait any longer.  Contact Net Works.  We are cyber-security experts and will perform a full security audit on your entire system.  We live in a complex connected world; you cannot afford to face downtime or data loss due to hackers.  Threats are everywhere, don’t try to take on the hacker community on your own.  Contact Net Works today!

 

Understanding Office 365 and what it can do for you

Running a business is a 365 day a year job. While you focus on running your business let Net Works focus on keeping you up-to-date on the latest developments in information technology. In the fourth quarter of 2015 Microsoft launched Exchange Server 2016 and implemented updates to its Office 365 service and software suite. While both feature improved security, there are several key differences, which is crucial to understand when making the appropriate choice for your business.

office365-2

Office 365

Office 365 is Microsoft’s cloud based subscription service and therefore is no need to purchase any additional hardware. The low monthly subscription structure makes it a cost effective option for many small to mid-sized businesses in industries who need to comply with all current privacy and regulatory guidelines. Many business owners do not realize that free email services, such as Gmail, Yahoo, and AOL are not compliant with certain security and privacy regulations. Any company that is found to be non-compliant in regulated industries may face a government fine, as well as have to pay a service to get them back in industry compliance.

In addition to meeting confidentiality requirements, the email service in Office 365 has an added feature called “Clutter.” Clutter utilizes smart technology to learn patterns in users email. If it sees that emails from a specific sender are consistently never opened or immediately deleted it will send those messages to the Clutter folder rather than the inbox.

Unlike Office 365, Exchange Server 2016 is Microsoft’s most up to date and secure email software for on premise options. Some business owners prefer to keep their email server on premises rather than Office 365 due to a higher level of internal control. Depending on your particular business’ needs, it can offer higher performance than Microsoft’s cloud based service. There are some cases where an on premises server is the best, such as businesses that require large capacity file shares (50GB in size or more) or operations that would be bandwidth-prohibitive in a cloud scenario. Offices that have less infrastructure access to the internet would be wise to take this into account during their decision making process.

Exchange 2016 offers all of the same security features as Office 365 and is fully compliant with all privacy guidelines. However, it does not have the Clutter feature that Office 365 users are able to utilize. If you are currently using a now unsupported, or soon to be unsupported version of Exchange, it is past time to upgrade; preparing to move to Exchange 2016 is a must. Any business currently running a version of Exchange Server earlier than 2010 will need to perform an additional step as they upgrade. Files must be moved to Exchange Server 2010 as an interim step as newer versions cannot co-exist with any framework developed prior to 2010. It is important to remember that Microsoft will be terminating all support of any version of Exchange prior to 2010 on April 11, 2017. If your internal IT department has their hands full managing your day to day operations or if you do not have an internal IT department, Net Works can help you ensure a smooth transition as you migrate to the Exchange 2016 environment.

office365-3

Office 365

How do you know which option is the right choice for your business? Net Works can help you navigate the confusing world of information technology. You focus on what you do best and let Net Works handle the IT. Contact Us Today!

Is your business network haunted?

Let us rid you of those Witches, Ghosts, and Goblins!

 

With layered network security and 24/7/365 monitoring those monsters will have no chance to invade your space, taking away valuable time for your staff to be productive. Combine that with some great training and education on how to most effectively use your technology we’ll have you home in plenty of time for those trick or treaters coming to your door. If you’re like me you’ve already got your costume ready.

Don’t let your your current technology plan “suck the life” out of your business!

Downtime…Downtime… Who has time for downtime???????

Your days are filled with making decisions that will guide your business into the future.  It is easy to put your IT needs on the backburner, but that will lead to days spent putting out IT fires rather than focusing on your growth.  In the 21st century technology is at the center of any business.  Your entire operation can grind to a halt due to one computer snag; costing you lost productivity and the potential for lost clients.  According to recent research by CompTIA, the proactive monitoring that a managed service provider offers, reduces your costs by 50% per downtime incident.  Outsourcing your IT needs to Net Works is the best way to ensure that your business is running smoothly.  We have the Enterprise level software applications to support your business as well as the wealth of knowledge of multiple IT professionals at your immediate disposal.
Gone are the days where all you needed concern yourself with was a slow internet connection or a finicky printer.  The information technology environment of today is endlessly the complex; a major firewall breach that threatens your data, your VPN failing, or your VOIP is not allowing any calls to be made are just three problems you could face.  The costs for keeping a modern office running efficiently on your own can be endless as well.  You need to be confident that all of your hardware and software will continue to work for you and not against you.  This is a job too big for just one computer expert to handle.  It is no longer practical, nor preferable, to be a jack of all trades.   At the very least a help desk employee and a systems administrator are required.  The average combined salary of these positions is $90,000-$120,000 annually, plus the costs of keeping their training and certifications up to date.  Even these employees would not be able to handle every computer glitch you are likely to face. In addition to the peace of mind that contracting with Net Works provides, there are many less obvious financial benefits such as leaner overhead, bulk purchasing and leasing options for hardware and software, and software licenses, as well as compliance with government regulations.
Outsourcing lets you focus on your core competencies while Net Works focuses on ours. Instead of just the experience of one person, you gain the knowledge of Net Works’ team of IT professionals.  By working with Net Works you benefit from our experience of working with 100’s of clients.  We have already seen most of the IT issues you will face and know exactly what is necessary to fix them in a timely manner.  At Net Works we let you focus on your business while we manage the Information Technology your business needs to be successful.

Delta IT Disaster!!!

Angry customers, negative media coverage, frustrated employees, untold revenue lost, lingering anger from customers: that’s the status for Delta Airlines this week.  Of course this is not news to anyone; unless you have been living under a rock you have heard the numerous news reports detailing the Delta computer disaster.  Whether caused by a minor power outage at Delta headquarters or an internal computer hiccup, the airline was forced to cancel over 500 flights causing gridlock across America’s airports at the height of vacation season. You may not be running an international transportation corporation, but imagine what would happen to your clients if you had an unexpected IT failure.  Think something like this can’t happen to you; think again.  The problem that Delta airlines faced was not the power outage at their headquarters, it was an inadequate IT Disaster Recovery Plan.  As a business owner you don’t want to be caught off guard in the middle of an IT nightmare.  While an IT Disaster Recovery Plan may sound like a great idea you might not even know what one looks like, let alone where to start.  Here at Net Works we are your IT partner and are ready to put together a comprehensive IT Disaster Recovery Plan.

The goal of any good plan is fivefold, it should:

Team of technicians using digital cable analyser on servers in large data center

Net Works team backing up client servers.

•    Minimize the disruption of business operations
•    Minimize risk of delays
•    Ensure a level of security
•    Assure reliable backup systems
•    Aid in restoring operations with speed

Net Works has a plan for you!

At Net Works, we are your information technology partner.  We will work with you to ensure that your unique IT Disaster Recovery Plan focuses on prevention, anticipation, and mitigation.  Before any plan is deployed we will: perform a comprehensive risk assessment, prioritize your processes and operations, inventory all equipment and technology resources.  Once these steps have been completed we will create a step-by-step IT Disaster Recovery Plan unique to you and your specific IT environment.  Don’t get caught off guard.  Disaster could strike at any time and, if you are not properly prepared, you too could experience the pain and disruption we now see for Delta.  Contact us today to discuss a customized IT Disaster Recovery Plan.

Cyber Liability and protecting yourself

Cyber Liability:  Then and Now

 

The term “cyber-liability” is certainly one that is at the forefront of everyone’s minds as it continues to dominate the headlines.  Both the new-age age criminal and the reliance on electronic data has forced companies to alter their risk management plans to include protection against data breaches.  In the past, cyber liability policies were only requested and purchased by companies providing professional IT services and those who handled a wide variety of computer systems and software.  As cyber security awareness has increased, coverage has become broader and coverage has become a necessity for businesses in every industry.

 

Prior to any laws that would hold companies accountable for private records being leaked, the only requirement for carrying privacy liability might be contractual stipulations.  The first law that was enacted that raised awareness of this was the Health Insurance Portability and Accountability Act (HIPAA), which most of us have heard of.  In 2003, a privacy rule went into effect for the private sector, protecting personal healthcare information under HIPPA regulations.  The introduction of these privacy requirements introduced a new concept of responsibility for those who store personal records.  Since the enactment of the HIPAA privacy rule, there have been 48 out of 50 states that have state laws or codes that require companies to notify a consumer if their personal identifiable information (PII) was breaches.  With a new century, comes a new exposure.

 

Prior to modern day philosophies and availability of industry-tested cyber liability products, companies would purchase policies that would provide coverage for alleged wrongful acts arising from their professional [technology] services.  The definition of wrongful act may or may not include breach of security or invasion of privacy, which are areas that are protected by acts, such as HIPPA.  Post-HIPPA privacy laws have made it necessary for non-technology companies to reevaluate their current insurance program and consider adding cyber liability coverage.  A modern cyber liability policy will include both Third Party liability coverages, along with First Party coverage.  Third party liability coverage provides coverage for damages to consumers.  This coverage provides protection against wrongful acts, loss of employee/customer information, failure to prevent the entrance or spread of a hacker/virus, and personal injury from your website content.  As mentioned earlier, most states are requiring companies to notify consumers when their information goes missing or is hacked and every state has a different notification requirement.  This is an unwelcomed expense and headache that many business owners would prefer not to shoulder.  A well-equipped cyber liability policy will help offset these expenses by providing first party coverage to pay for consumer notification expense, computer/legal forensic expenses, business interruption, and regulatory defense and penalties incurred.  (It is important to note that no two cyber liability policies are alike and terminology can often be confusing as there is not a standard policy form that has been accepted by the courts.)

 

The cyber liability marketplace has come a very long way since its introduction in the early 2000s, but it hasn’t been tested nearly as much as the other insurance products.  As breaches become a greater risk to all businesses, insurance companies can expect to see more claims and the need for capacity to support these claims.  It is vital to make sure that you work with an advisor who is very knowledgeable about the cyber liability arena and knows the marketplace well.  While many insurance carriers have found solutions to protect your business if and when a breach occurs, it is still difficult to stay ahead of the technology market.  As networks and enterprises move to the “cloud,” hackers will follow.  It is very important to consult with an IT professional to discuss proactive ways to prevent breaches/hacks and to formulate a continuity plan should you fall victim to one.  With a strong IT infrastructure, solid continuity plan, and a strong cyber liability program, you should be able to weather the storm if you face a network security breach.

 

About the Author

 

Alan Sisk is a Sr. Risk Advisor with Geny Insurance Group.  Alan partners with commercial clients to proactively identify ways to create and increase the value of their businesses through insurance and risk management techniques. He brings a creative approach to his clients and the field of insurance by challenging old conventions and applying new philosophies.  Alan is very knowledgeable of the cyber exposures that businesses face today and well-informed of the latest trends in the marketplace.  Should you have any questions, please contact Alan at 615.515.3218 or alan@genyinsurance.com.

 

About Geny Insurance Group

 

Celebrating its 30th year anniversary, Geny Insurance Group (Nashville, TN) has been a full-service independent insurance agency devoted to serving the needs of individuals and businesses. As one of the most respected independent insurance agencies in Middle Tennessee, they strive to provide a customized risk management solution that protects their client’s most critical assets and supports their future goals. Geny Insurance Group is the Nashville office and headquarter location for SouthPoint Risk Advisors, which operates out of 6 offices throughout TN & KY and offers Personal & Commercial Insurance, Risk Management, and Employee Benefits.