Posts

Hurricane season is here. These harsh weather events can produce devastating high-speed winds, torrential rains, and microbursts, and can bring your business to a grinding halt. To address the threat of hurricanes, your company should have an effective hurricane disaster recovery policy in place.

What is a hurricane disaster recovery plan?

A hurricane disaster recovery plan is a written set of procedures on how to respond to a hurricane. Just like a standard disaster recovery plan, this policy contains steps that should be taken before, during, and after a hurricane, including:

  • How to anticipate and mitigate the effects of a hurricane
  • Emergency procedures to ensure everyone’s safety
  • Steps for restoring vital business systems and operations
  • Long-term plans for full business recovery

How to create a hurricane disaster recovery plan

While each organization’s hurricane disaster recovery plan is unique to its industry, the basic framework should contain the following:

1. Risk assessment
Conducting a comprehensive risk assessment will help pinpoint vulnerabilities your company must address. This lets you prioritize the most critical parts of your planning and help you shape your hurricane disaster recovery policy.

2. Preventive planning
While it’s impossible to stop a hurricane, anticipating and carefully planning for it can help prevent serious damage to your business. Think about how people board up their windows before a hurricane strikes. You need to take preventive steps to protect vital aspects of your business from a hurricane. This includes:

  • Backing up your data
    Data backup is an important component of any disaster recovery strategy. Even if a hurricane does not completely destroy your IT infrastructure, the disruption caused by the loss of huge quantities of data can lead to lost productivity and revenue.Having a robust data backup system allows you to quickly restore vital business data and minimize downtime caused by a hurricane. Examples of data backup solutions include:

    • Off-site backups – Storing copies of your backups in off-site data backup centers in areas rarely hit by hurricanes is an ideal solution. This ensures that you will have secure copies of your data even if your servers and computers are destroyed during a hurricane.
    • Cloud storage – Cloud storage lets you access your data and files remotely, as long as you have a stable internet connection. This allows employees to work from home in case your offices suffer severe damage.
  • Protecting physical assets
    During a hurricane, the biggest threat to your servers and other electronic equipment is flooding and water damage. Here are some ways you can keep them safe.

    • Avoid storing servers in the basement, as this is usually the first area that will be flooded.
    • Choose a storage room with no water pipes in the walls and ceiling to prevent water from leaking in.
    • Install flood detectors to warn you if water enters your facility.
    • Invest in turtle shells to protect electrical equipment from leaks.

3. Response
This covers the emergency procedures that should be taken during a hurricane to minimize the risk of injury to employees, such as:

  • Guidelines on how to protect oneself from strong winds
  • Where to take refuge if trapped in the building
  • Evacuation policies to ensure everyone’s safety

You should also include the names and contact information of emergency personnel to ensure all safety measures are carried out properly.

4. Restoration
This contains steps on how to restore critical business operations and systems after a hurricane, and who will be responsible for the restoration process. It should include clear instructions on what needs to be restored first, such as:

  • Data backups
  • Power
  • Network access
  • Servers and other damaged equipment

Conducting a business impact analysis will identify critical business systems and help you formulate an effective restoration plan that will get your business back up and running as soon as possible.

5. Recovery
Even if your company restores vital systems quickly, you still need a complete, long-term recovery plan. It should include details on how the company will fully restore operations to pre-hurricane levels. Here are some examples:

  • Repairing of damaged structures
  • Replacement of destroyed equipment
  • Relocation of business if needed
  • Returning the workforce to full capacity

Hurricanes are unpredictable, but having a disaster recovery plan in place will help you recover as quickly as possible. Talk to our experts today to learn more about disaster recovery planning.

If you’re concerned about any natural disasters putting you out of business, call us today. We offer comprehensive business continuity services that every company should have.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Students are returning to the classroom now that back-to-school season is officially underway. During the first few weeks, teachers will be reteaching their students the topics they learned in the previous school year to help them regain knowledge they may have forgotten during summer break. But students aren’t the only ones in need of a refresher every year. Your employees also need to be refreshed on company policies, values and, most importantly, cyber security practices.

Did you know that human error accounts for 95% of all successful cyber-attacks? When a cybercriminal is planning an attack, they look for weak points within a company’s cyber security plan. The easiest spot for hackers to exploit is a company’s employees. New cyberthreats are created on a consistent basis, and it’s important that your employees know what to do when they encounter a potential threat. If your employees are not routinely participating in cyber security trainings, your business could be at risk, regardless of size.

Every single one of your employees should be familiar with your cyber security practices. When they’re hired on, they should go through an initial training that lays out all of your practices, and they should also participate in refresher trainings throughout the year to ensure that the entire team is on the same page with cyber security. At the very least, you should host at least one security training annually. If you’ve never put together a cyber security training, you may be wondering what topics you need to cover with your team. Below, you will find four of the most important topics to cover.

Responsibility For Company Data

This is your opportunity to explain to your employees why cyber security is so important. They need to understand why cybercriminals are interested in your company’s data and what they could potentially do with it. Everyone on your team has a legal and regulatory obligation to protect the privacy of your company’s information. When discussing this topic with your team, it’s imperative that they know the ramifications of falling victim to a cyber security threat.

Internet Usage

Does your company have restrictions on what websites your employees can use while at work? If not, that’s something you should look into. Every device that’s used by your employees should have safe browsing software downloaded onto it to prevent them from stumbling upon dangerous sites that could put your company’s data at risk. Your employees should know what sites are acceptable to use and that they should not be accessing their personal accounts while connected to your company’s network. They should never click on links that are sent from an anonymous source or are found on an unapproved website.

E-mail

If your employees utilize e-mail while at work, it’s important that they know which e-mails are safe to open. Employees should not respond to e-mails that are from people they aren’t familiar with, as that could be a cybercriminal attempting to gain access to your company’s data. Employees should only accept and open e-mails that they are expecting or that come from a familiar e-mail address.

Protecting Their Computers

If your employees have their own personal computers, they should be doing everything in their power to keep them protected. Whenever they walk away from their computer, they should make sure it’s locked; they should also never leave their computer in an unsecure location. Also, ensure that your employees are backing up their data routinely and have downloaded necessary antivirus software.

It’s of the utmost importance that your team has been fully trained in your cyber security practices. If they haven’t, they could open your business up to all sorts of cyber-attacks that will damage your company’s reputation from a customer perspective. Your business will also no longer be compliant, and insurance companies may not cover your claims if your team is not participating in regular training.

Ensuring that your team is aware of your cyber security practices and actively taking steps to strengthen your cyber security is the best way to stay compliant and prevent cyber-attacks. If your team is not regularly going through cyber security training, you need to start. It will offer more protection to your business, which will make your customers more comfortable doing business with your company.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Many businesses still haven’t figured out secure remote working

It’s been more than two years since the pandemic forced much of the world into lockdown, with many companies thrown into a remote working environment.

But new research has shown the majority still haven’t figured out how to keep their workforce secure as they work from their kitchens, local libraries, coffee shops, and airports.

A survey of 3,000 IT staff and other employees conducted by TechRadar Pro, in partnership with Perimeter 81, shows that more than three-quarters of businesses have at lease some remote employees.

Their responses to questions around intended spending for 2022-23, however, revealed that many still do not have the necessary protections in place; 10% will look to implement some form of access management, while 9% will prioritise VPN and zero-trust solutions, respectively.

Further, just half (50%) of firms have a cloud-based cybersecurity solution in place, with an additional 15% saying they are currently exploring their options.

VPNs and firewalls reign supreme

Ever since the pandemic, the number of cyber-incidents, data breaches, business email compromise attacks, and ransomware attacks has spiked, bringing with them billions of dollars in damages.

Cybersecurity researchers argue that many employees who were forced into a remote working environment weren’t prepared, and ended up compromising their corporate networks with malware-laden home devices running no antivirus solutions, password sharing, and falling victim to phishing and other social engineering attacks.

However, now more than two years since the transition, it should be expected that businesses hold up their end of the bargain too, putting in place the necessary services to protect against threats.

The data shows that companies are performing strongly when it comes to a web security (more than two-thirds have either web or malware filtering solutions set up). Cybersecurity solutions like VPNs and firewalls have also seen relatively high levels of adoption.

But the survey data also serves to highlight the number of businesses that remain at risk, when the inevitable occurs.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechRadar SOURCE

Working from home is becoming an increasingly popular option for employees around the world. While this flexible work arrangement can be a great perk for employees, it also comes with its own set of security risks. Follow these cybersecurity tips so you can protect yourself, your personal information, and your company’s data while telecommuting.

Patch your software regularly

Although installing software updates can be a major nuisance, these updates generally address critical weaknesses and protect your systems from the latest threats. Most apps now offer an automatic update feature so you don’t have to manually patch your software.

Another option for your business is patch management software. These track patches on employee devices and roll out the most recent updates on a company-wide scale.

Fortify your accounts

When everyone is working remotely, user accounts must be properly secured. One way to achieve this is by setting at least 12-character long passwords with numbers and special characters mixed in to make them more difficult to guess. More importantly, these passwords must be unique to each account, to minimize the damage if hackers manage to compromise one set of credentials. If you find it difficult to generate and remember login details for all of your accounts, consider using password managers like LastPass, Dashlane, and Keeper.

To further strengthen your accounts, you’ll also need to enable multifactor authentication (MFA). This adds another layer of identity verification — like fingerprint scans or one-time activation codes sent through SMS — to make it more difficult for cybercriminals to hijack your accounts.

Use a virtual private network (VPN)

VPNs are primarily used to circumvent geographic restrictions on location-specific websites and streaming services, but they’re also a crucial tool for remote workers. A reliable VPN creates secure connections between devices and networks by encrypting internet traffic. This hides web activity from prying eyes, protecting your employees’ online privacy and mitigating the risk of hackers stealing company information.

Set up firewalls and antivirus software

Make sure to enable firewalls in your operating systems and hardware. These provide a strong layer of protection between your device and the internet, preventing malicious programs and other network threats from reaching your device. Your managed IT services provider (MSP) may also provide third-party firewalls in case your computers don’t have any built in by default.

In addition to firewalls, you’ll want to implement antivirus software to detect and remove any malicious programs that manage to infiltrate your device. Just remember to constantly update the software so it can effectively detect the newest malware strains.

Secure home routers

Home Wi-Fi routers are not as thoroughly secured as their business counterparts so take extra precautions to safeguard them. For starters, change the default router password immediately after setting it up because hackers can easily look up the password online once they know your router model. You should also install the latest firmware updates to eliminate any security vulnerabilities.

Finally, check whether your router has Wi-Fi Protected Access 2 (WPA2) encryption settings to secure inbound and outbound traffic. If your router doesn’t have WPA2, you’re overdue for an upgrade.

Back up your data

Important files must be backed up regularly in the cloud and your external hard drive. This way, you’ll always have a copy of your files in case of a major data loss incident like a ransomware attack or a power outage.

Watch out for online scams

The biggest threat remote workers face is online scams. Phishing emails may entice you with free coronavirus test kits in exchange for personal information. Some cybercriminals may even masquerade as legitimate companies, CEOs, or friends to trick you into clicking on dangerous links and attachments.

To avoid these threats, you must be critical of everything you see online. Look for any suspicious links and attachments, grammatical errors in the email body, and misspelled email addresses. Plus, you should never give out sensitive information to an unsolicited email, text message, or phone call.

Working from home poses many cybersecurity challenges for businesses, but you don’t have to address them alone. If you need guidance with enabling MFA, setting up firewalls, and even avoiding scams, we can provide the IT support you need.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org  SOURCE

Data is everything to a small business in this day and age – which means if you lose access or control of your data, you lose everything.

As dramatic as that might sound, the data backs that up. According to several sources, 93% of companies, no matter how big they are, are out of business within one year if they suffer a major data disaster without having first formulated a strategy for combating it. And since 68% of businesses don’t have any sort of plan for that worst-case scenario, that means losing data would be a death knell for most of the businesses in the country.

Fortunately, your business does not have to be one of them. By taking the following steps, you can ensure that you have a rock-solid disaster recovery plan in place.

Step 1: Know How A Disaster Recovery Plan Is Different From A Business Continuity Plan

The main difference between these two types of plans is that while business continuity plans are proactive, disaster recovery plans are reactive.

More specifically, a business continuity plan is a strategy by which a business ensures that, no matter what disaster befalls it, it can continue to operate and provide products and services to its customers. A disaster recovery plan, on the flip side, is a strategy by which businesses can back up and recover critical data should it get lost or held for ransom.

So, now that we have a clear, concise understanding of what constitutes a disaster recovery plan, we can dive into the steps necessary to create one.

Step 2: Gather Information And Support

In order to get the ball rolling on your disaster recovery plan, start with executive buy-in. This means that everyone, from the CEO to the entry-level employees, needs to be brought in on executing the plan in case your company suffers a data disaster. When everyone is aware of the possibility of a data disaster, it allows for cross-functional collaboration in the creation process – a necessary step if you want to prevent breaches in all parts of your systems.

You need to account for all elements in your tech systems when you’re putting together your disaster recovery plan, including your systems, applications and data. Be sure to account for any issues involving the physical security of your servers as well as physical access to your systems. You’ll need a plan in case those are compromised.

In the end, you’ll need to figure out which processes are absolutely necessary to keep up and running during a worst-case scenario when your capability is limited.

Step 3: Actually Create Your Strategy

When everyone is on board with the disaster recovery plan and they understand their systems’ vulnerabilities, as well as which systems need to stay up and running even in a worst-case scenario, it’s time to actually put together the game plan. In order to do that, you’ll need to have a good grip on your budget, resources, tools and partners.

If you’re a small business, you might want to consider your budget and the timeline for the recovery process. These are good starting points for putting together your plan, and doing so will also give you an idea of what you can tell your customers to expect while you get your business back up to full operating capacity.

Step 4: Test The Plan

Even if you complete the first two steps, you’ll never know that you’re prepared until you actually test out your disaster recovery plan. Running through all the steps with your employees helps them familiarize themselves with the steps they’ll need to take in the event of a real emergency, and it will help you detect any areas of your plan that need improvement. By the time an actual data disaster befalls your business, your systems and employees will easily know how to spring into action.

So, to review, these are the quick actions that you and your employees will need to take in order to make a successful, robust disaster recovery plan:

  • Get executive buy-in for the plan.
  • Research and analyze the different systems in your business to understand how they could be impacted.
  • Prioritize systems that are absolutely necessary to the functioning of your business.
  • Test your disaster recovery plan to evaluate its effectiveness.

Complete these steps, and you can ensure that your business will survive any data disaster that comes your way.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Hurricanes damage property and put lives at risk. If you’re not prepared, hurricanes can also disrupt your operations and put your business through extended downtime. In this blog, we’ll help you quickly regain access to your data and get your business back to operational mode after a disaster.

Determine recovery hierarchy

Certain parts of your IT system are more mission-critical than others. Ask yourself which systems and/or data must be recovered in minutes, hours, or days so your business can resume operations quickly

For example, you may find that recovering sensitive customer information and eCommerce systems take priority over recovering your email server. Whatever the case may be, prioritizing your systems ensures that the right ones are recovered quickly after a disaster.

Pay attention to location

First and foremost, your backup site should be in a hurricane-free zone. Ideally, your off-site facility should be located at least 100 miles away from your main location. If this isn’t possible, make sure it is built to withstand wind speeds of 160 miles per hour (as fast as Category 5 storms) and is supported by backup generators and uninterruptible power supplies.

You should also request an upper floor installation or, at the very least, keep critical IT equipment 18 inches off the ground to prevent water damage in case of floods.

Use image-based backups

Unlike fragile tape backups, image-based backups take “snapshots” of your systems, creating a copy of the OS, software, and data stored in them. From there, you can easily boot the virtual image on any device, allowing you to back up and restore critical business systems in seconds.

Take advantage of the cloud

The cloud enables you to host applications and store data in high-availability, geo-redundant servers. This means your backups can be accessed via the internet, allowing authorized users to access critical files from any device. Expert technicians will also watch over and secure your backups, allowing you to enjoy the benefits of enterprise-level backup facilities and IT support.

Back up your data frequently

Back up your data as often as possible, especially during disaster season. If your latest backups were created on September 15th and a storm makes landfall in your area on the 28th, you could lose nearly two weeks of data.

Test your disaster recovery (DR) plan

After setting up your backups, check whether they are restoring your files accurately and on time. Your employees should be drilled on the recovery procedures and their responsibilities during and after a disaster. Your DR team should also be trained on how to failover to the backup site before the storm hits. Finally, providers, contractors, and customers need to be notified about how the hurricane will affect your operations.

As cell towers and internet connections may be affected during a hurricane, make sure your company forums are online and have your employees register with the Red Cross Safe and Well website so you can check their statuses.

It’s nearly impossible to experience disruptions during disasters like Harvey or Irma, but with the right support, you can minimize downtime. If you’re concerned about any natural disasters putting you out of business, call us today. We offer comprehensive business continuity services that every company should have.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE