Posts

Why Secure Application Development Is a Necessity

With news of devastating cyberattacks constantly in the headlines, secure software development is more important than ever. Yet, far too many applications remain vulnerable to exploits by malicious actors.

According to a 2016 survey, for example, 97% of Java applications use code with at least one security hole. Another study found that security vulnerabilities were present in at least 90% of web and mobile apps.

For the good of both you and your customers, security must be a priority at all stages of the software development lifecycle. Below, we’ll discuss how and why to incorporate security into your application development processes.

How to Bake Security Into the SDLC

The software development lifecycle (SDLC) traditionally consists of a series of key phases. They span from requirements gathering and design to testing and maintenance. Whether you use the waterfall (sequential) development model, or you prioritize speed and flexibility with the agile methodology, security can and should be a preeminent concern during this process.

Some helpful guidelines for making security a priority are:

  • Developers should be trained on the principles of secure programming. One good place to start is to check your applications for common vulnerabilities, such as the OWASP Top 10 security risks for web applications. OWASP also provides a reference guide for secure coding practices that developers should consult at regular intervals.
  • Keep the development tools and technologies that you use as up-to-date as possible. The massive 2017 Equifax data breach, for example, was caused by a vulnerability in the Apache Struts web application development framework that the company should have already patched.
  • Include automated application security testing as part of your testing processes.

Related: How to Prepare Your Business for Unexpected Disasters

Regulatory Considerations for Application Development

Beyond the standard best practices for secure development, companies in certain industries must take special care to protect their applications and data from unauthorized breaches.

For example, the Health Insurance Portability and Accountability Act (HIPAA) requires health care organizations to secure patients’ protected health information (PHI). Companies that suffer a data breach must report the attack soon after its discovery. They may face financial penalties if the information was not adequately protected.

Another security standard, PCI-DSS (Payment Card Industry Data Security Standard), regulates how organizations may handle and store customers’ payment card information.

Related: Why You Must Never Neglect Software Testing

The 12 PCI-DSS requirements include the installation of a firewall and the encrypted transmission of cardholder data across open networks. Failure to meet these guidelines may result in harsh fines and even the revocation of your company’s ability to process credit cards.

The Role of MSPs During Software Testing

You may feel overwhelmed by the potential vulnerabilities and security flaws that you need to account for. But rest assured that you don’t have to go it alone. A growing number of companies are relying on managed security providers (MSPs) to assist them with application security testing during the development process.

By working with an MSP, you can focus on your core business functions while leaving the security tests to the experts. MSPs will subject your application to a variety of both automated and manual tests. Automated vulnerability scanners can immediately identify a number of weaknesses and flaws, while manual “penetration tests” evaluate the software’s resiliency to attack.

Partnering with an MSP can give you high-quality, efficient and timely security tests so that you can keep pace with your development schedule without sacrificing software quality.

How the Cloud Fits Your Business

In the past, only large corporations considered moving their systems to the cloud. Today, cloud computing can fit any size business. In fact, migrating to the cloud offers a variety of benefits for organizations of all sizes. With an effective migration plan, organizations of all sizes can use the power of cloud computing to accelerate growth.

Cloud Computing is Becoming a Necessity

Small and medium-size businesses (SMBs) are facing the same type of heavy competition as their larger brethren. Cloud computing is revealing itself as a significant competitive advantage for SMBs and has moved from a viable alternative to a necessary tool.

Financial Benefits: Cloud Computing Will Tie Some Benefits Directly to Cost Savings

  • When you use cloud storage and cloud services, you naturally experience economies of scale. And, your computing resources can easily adjust to workload variations.

 

  • Your power consumption will automatically decrease, and you will spend less on managing a large number of onsite systems.

Related: 3 Types of Clouds: Which is Right for You?

  • Personnel costs will drop significantly. Often, the largest share of the IT budget goes to maintaining staff. When you migrate to the cloud, some of the personnel savings you experience locally will help to pay for your cloud services. In addition, your IT staff can then concentrate on doing more strategic tasks and acquiring new skills.

 

  • Migrating to the cloud doesn’t require any capital outlay. This is a definite advantage for SMBs that need to find capital for increasing their in-house operations.

 

  • Your SMB will only pay for the power you need. Maintaining flexibility in in-house systems typically requires the acquisition of more computing power than is needed on a daily basis. It’s critical to be able to handle failures or emergencies, as well as quick increases in sales. With cloud computing, the systems can be adjusted easily and only on an as-needed basis.

 

  • Cloud computing is a great way to level the playing field against larger competitors, allowing an SMB to acquire a larger market share.

Competitive Benefits: Some Benefits of Cloud Computing Will Give SMBs More Capabilities That They Can Apply to Win Against Competitors

  • Gathering and analyzing business data provides a significant competitive advantage through more accurate and faster decision making. The use of cloud computing provides the cloud storage and power needed to store and analyze a meaningful amount of business intelligence.

Related: What Does the Modern Cloud Look Like?

  • Information gathered by AlertLogic and Microsoft indicate that businesses using cloud computing have actually experienced a lower rate of security problems than those using in-house data centers. Besides that, 94 percent of SMBs have seen better security due to keeping systems, spam filters and antivirus programs up to date.

 

  • Cloud computing demonstrably provides more uptime, as 75% of SMBs report improved availability after migrating to the cloud.

Well-Planned Migration Is Critical

Migrating to the cloud effectively requires careful planning. While many SMBs report better security when cloud computing is used, it’s still up to the individuals planning the migration to ensure that security is at the top of the list of requirements. These are the most critical considerations for your migration.

  • Start small: Don’t try to migrate all of your systems at one time. Start small to get experience in completing the migration.

 

  • Choose cloud service providers carefully: Make sure you’re working with trusted and reliable suppliers of both cloud technology and the cloud support services you’ll need to make the migration successful.

 

  • Diversify passwords and user permissions: The migration is an excellent time to ensure that all the access points to your system are secure. Enforce secure passwords and restrict permissions to the greatest extent possible, and educate employees on the need for security.

 

  • Confirm backup procedures: Ensure that the cloud technology supplier you work with has a backup configuration that will allow you to access files from previous versions in the event of a problem.

Related: The Managed Services Pre-flight Checklist  

Next Steps

If you’re not one of the 66% of SMBs that see technology as a key success factor for meeting business objectives, now would be a good time to revisit that issue. As digital transformation affects more of the business community, using cloud computing will only become more critical for success.

 

What Does the Modern Cloud Look Like?

The evolution of cloud computing has been an incredible thing to watch for businesses. The cloud solutions that are available these days offer benefits in almost every category of business improvement.

Though the technology advances with each passing day, as you’re making business decisions now, it’s important to understand what the world of cloud computing looks like today.

The Current Cloudscape

How are business reacting to cloud solutions? Businesses are taking to the cloud by storm. And with the enormity of solutions available, it’s no wonder that 70% of enterprises will be implementing a multi-cloud strategy by 2019, according to Gartner.

This isn’t just limited to a cloud-based business app here and there. Companies now run 79% of workloads in cloud, which means the power of mobility, connectivity and productivity are translating to a big part of IT strategy.

Major Cloud Providers

While there is a wealth of cloud providers offering an ever-expanding catalog of cloud solutions, the top three have dominated the market and are often the go-to cloud provider for businesses looking ways to scale and improve workflow.

Amazon Web Services

The cloud as a commercial product really begins with Amazon Web Services, giving enterprise and small businesses alike the opportunity to build applications with powerful cloud software and host software platforms for their customers. Clients include Netflix and Expedia.

Microsoft Azure

Microsoft Azure offers cloud solutions that interweave seamlessly with its most popular platforms, like Office 365. Azure boasts 90% of Fortune 500 companies on its roster, including Adobe and 3M.

Google Cloud

Google Cloud gives you innovative machine learning, data analytics and more to help businesses harness previously unavailable computing power. Their top clients include Coca-Cola and Spotify.

Types of Cloud Solutions

For many businesses, choosing the type of cloud depends on the needs and goals of the individual business. Cloud access comes in three forms:

Public Cloud

Public cloud offers you the most flexibility in terms of mobility and scalability. With the public cloud, users effectively share access to storage and computing power. Likewise, there is no required management with the public cloud.

Private Cloud

For businesses who want higher security standards, the private cloud gives you sole access to data center servers. There is no sharing, which reduces flexibility but does mitigate risk at a higher level.

Hybrid Cloud

Hybrid cloud solutions give you an opportunity to utilize both the public and private cloud wherever each is most beneficial. In this circumstance, some of your workflow (like emails) may be in the public sphere for speed and flexibility, while others (like customer data) may stay private for extra security.

Related: The Cloud: Why It’s More Important than Ever

Variety of Applications

The variety of cloud applications is virtually limitless. Businesses looking for scalability may find virtualization in the cloud fulfils those needs. Others looking for business continuity options, too, may find that the cloud gives them the best backup and recovery support choices.

 

No matter what your business needs may be, there are cloud solutions available to you if you know where to look.

Contact GB Tech today to talk about your cloud options for business.

Learn More: Work More Efficiently from Anywhere with the Cloud

The managed services pre-flight checklist

Your business bags are packed and ready for travel. The destination? Growth and expansion. There’s just one problem– how will you get there? The route will have storms and turbulence that will be hard to avoid without the right technology co-pilot by your side.

The right managed services provider (MSP) can be that co-pilot. A smooth trip is all about the right technology solutions. With that in mind, here are your managed services pre-flight checklist.

Related: How to Prepare Your Business for Unexpected Disasters

Data backup services for continuity

Who will get your back when bullying cyber thieves come for your mission-critical data? And who will keep it safe from harm when storms try to take your business out of flight?

The right MSP can provide data backup solutions that ensure your important data and systems are backed up with the multiple redundancies needed to make sure you never lose so much as a single piece of your data.

Backing your data up onsite and on your own can be a recipe for disaster. Your data is the fuel in your engines. Lose it, and there’s no way you’ll be able to take off.

Related: 3 Malware Threats to Watch Out for in 2018

Network security for brand protection

Are you vetting the people trying to travel in and out of your network? A qualified MSP can secure your network from potential threats with constant oversight and consistent intervention when threats arise.

Employee training on threats such as phishing scams or email spoofing and general network oversight will mean that your business stays in flight (rather than grounded by downtime).

Related: What is the Value of a Brand?

Help desk and oversight for network harmony

Who’s there to help you troubleshoot? It doesn’t take a smoking engine to or frozen flap to cause problems in your flight plan. Slow computers, unresponsive programs, and network bottlenecks can all become major productivity stalls.

Engaging with the right MSP’s help desk solution puts a trusted team of qualified engineers at your beck and call 24/7 to deal with problems ranging from minor annoyances to major issues.

Even if you already have your own in-house IT expert, it’s likely there are places a good MSP could fill in the gaps. They can provide the kind of total network support that can keep your business soaring above the competition by focusing on growing and meeting company objectives instead of fumbling with frustrating technology.

Where will you fly with managed services?

The right technology is a powerful advantage that creates great momentum in your business operations. By trusting an MSP to take the technology yoke you can set your business up for growth, efficiency, and long-term success.

So what are you waiting for? Prep for takeoff.

Related: The Countless Benefits of Managed Services

How to Prepare Your Business for Unexpected Disasters

If we learned anything from Hurricane Harvey, it’s that preparation is never regretted. That’s the thing about businesses. We get insurance for loss, like hardware, office space and so on. But the biggest piece, truly, is having a business continuity plan based on data backup. Getting a check from the insurance company is great, but the loss of productivity or the absence of data access can crush your company.

So, how do you prepare your business for unexpected disasters? How do you ensure that your downtime is minimized, and your return to business is quick and efficient?

The answer is in a proper data backup plan that is well-thought-out and covers your hard work with redundancy.

Develop a disaster recovery and business continuity plan.

Your backup and disaster recovery (BDR) plan should be a living document that details a number of different elements and procedures. The plan accounts for everything that your business needs to run and proposes contingencies for multiple disaster scenarios, including everything from natural disasters to cyberattacks.

You need to list several things:

  • Your equipment. This includes hardware and software. What model of laptops/desktops and servers do you use? Can they quickly and easily be replaced? What software is essential for your day-to-day business workflow? Are your licenses up to date? If you aren’t already using cloud-based applications can you a new copy of your software be downloaded and installed with ease?
  • Potential disasters. This is a brainstorming session. If a fire or other catastrophic disaster physically wipes out your office, where do you set up shop? How do you replace equipment? How do you get connected to the internet?
  • Your reaction. Who is in charge of what? How does your staff communicate after a big disaster? Who is delegated to what responsibilities? How do we update our clients? Define your key players in recovery.

Related: Data Backups and the Erroneous Behavior of Your Employees

Backup data to highly secure cloud servers.

While on-premise backups are great for local file recovery, true business continuity needs off-site redundancy. Cloud-based data backups are essential these days as it relocates your data away from the disaster that may have downed your business. Modern data centers are often protected from weather and natural disasters, and provide increased levels of both physical and cybersecurity. This means that your data will also be protected by military-grade encryption to ensure that only you may access and initiate retrieval protocols.

Should your backup and recovery include virtualization, your solution can be configured to automatically failover and spin up replicated versions of your lost servers and data. This will enable your team to securely redirect their workflow to the cloud backup and continue working as usual while local office recovery is underway.

68% of small businesses don’t have a written disaster recovery plan. Nationwide

Run frequent, scheduled backups, and test, test, test.

If you don’t test your backups, you must assume you don’t have them. You not only want to have frequent, automated backups (at least every 15 minutes) but you also must test your backups. You never want to wait until it’s too late and find out that a glitch has rendered your data unrecoverable.

Related: Data Loss Disasters: Bad Decisions Revisited

GB Tech and Data Backup Planning

The time to start planning your business continuity is now. With GB Tech, your business has the best opportunity for recovery. Call us today to learn more.

Learn more: Plan to Backup and Restore Your Data ASAP

The Countless Benefits of Managed Services

Beyond the Buzzword: What is a Managed Service?

Managed service is a buzzword. There’s a good chance that unless you have worked with a managed service provider (MSP) in the past or have experience in the IT world that you’ve never actually heard that phrase – and that’s okay.

Managed services cover a wide variety of modern IT services, most of which replace or complement more traditional IT solutions. Over the last 15 years or so, software that can be sold as a service has been gradually replacing older hardware. One great example of this is Microsoft Office 365. Microsoft Office has been ubiquitous in the business world for ages and is one of the most widely used pieces of software ever created, but Office 365 allows Microsoft to breathe new life into their old product by selling it as a service. Adoption rates for Office 365 are incredible, hitting 24.9 million American subscribers in early 2017.

This process is not a unique one, and it has many benefits. In the case of software as a service (SaaS) specifically, the vendor has the ability to correct errors, release periodic updates, and the customer receives stability and ongoing customer service that would be difficult to achieve with a traditional software purchase.

Managed services fall under a massive umbrella that covers a wide variety of services – and it’s only a growing market. Some researchers say that worldwide IT services spending will reach $966 billion in 2017. That’s a staggering figure, even for a worldwide industry.

Managed services are rapidly replacing traditional IT solutions, and consumers are seeing savings. As of 2016, 72% of businesses outsourced IT, and 31% planned on scaling up their IT outsourcing. Much like Microsoft’s example of software as a service, many other older technological mainstays are being phased out. Many small businesses are abandoning their old data storage systems for cloud storage. Others are ditching their old server to take advantage of virtualization options, often referred to as infrastructure as a service (IaaS). One of the latest trends is the adoption of Voice over Internet Protocol (VoIP) as a replacement for (and improvement upon) traditional phone lines.

As managed services replace IT as we know it, it’s important to be aware of what kinds of options your business has. Businesses are seeing a wide variety of benefits, some of which may apply to your company as well.

Managed Services Grow with You

When traditional technology still reigned supreme, businesses often ran into trouble when they needed to scale their capabilities up or down, especially when such scaling needed to happen on a regular basis (as in the case of a seasonal business, for example).

This brings us to another one of those buzzwords: scalability. For our purposes, scalability is the ability of a service to increase or decrease its capacity in accordance with your business’s needs. In slightly more academic terms, there are four specific kinds of scalability that your business should be concerned with:

  1. Administrative scalability: the ability to add new users to the network with minimal effort
  2. Functional scalability: the ability to easily add additional functions to the network
  3. Geographic scalability: the ability to spread the network over a wider physical area without a notable performance penalty
  4. Load scalability: the ability of a network or system to handle larger or smaller than average workloads or inputs

Pretty dry, right? The good news is that at GB Tech, we generally try to avoid that kind of jargon altogether. A good managed service should meet all four of those definitions and grow to meet your requirements alongside your business – or in some cases scale down due to unforeseen circumstances.

Compared to managed services, older technologies are left wanting in terms of scalability. Remember the days when you had to buy a new filing cabinet every few months? With solutions like cloud services that can scale to meet your needs  you’ll never have to worry about such annoyances again – and you won’t pour money into hardware that might soon be obsolete.

How You’ll Benefit from Managed Services

Your business will benefit from managed services in almost countless ways, but there are certainly a few highlights that will be evident at surface level and immediately affect the quality of your daily workflows.

Cutting Costs Icon1. You’ll Save Money on Labor

Assembling an in-house IT staff is expensive, especially if your business is still in the early stages of its lifecycle. To make matters worse, an SMB’s day-to-day IT needs are often modest, meaning that a full-time IT staffer will often be left without work to do, resulting in a waste of money on your part and a waste of talent on your employee’s part. By outsourcing IT, you’ll be spending less than you would on a full employee’s salary, and you can scale your service to your needs.

Eye Icon2. Managed Service Providers Are in the Trenches Every Day

The legendary German officer Helmuth von Moltke is remembered for his most famous quote: “No plan survives first contact with the enemy.”

Moltke’s words ring true in the face of nearly any crisis, including an unexpected IT disaster. No matter how much you prepare, you’re very likely to come across a problem that you can’t solve just by following procedure. No matter how well-trained and knowledgeable your in-house IT professional might be, they still spend most of the time within the bubble of your company. Conversely, the IT experts at a managed service provider like GB Tech are out in the field every day, and in our company’s 30 years of experience we’ve seen nearly everything there is to see.

3. You Can Supplement Your Current IT Investments

Working with a managed service provider doesn’t have to spell doom for the IT professionals you already have working in your company. Some companies see better results from outsourcing IT when they complement the outside service with internal investments; the savings actually come from other operational areas. Analysis shows that internal IT personnel are actually key to capturing the value of IT outsourcing – and the two forces working in tandem can provide massive value for your business.

Pull Quote

Conclusion

It’s universally accepted that businesses need to invest in IT to survive in an increasingly digital world. As millennials step in for retiring baby boomers in the workforce, technology in the workplace is becoming less of a burden and more of a necessity. Opening up your business to a true technological transformation may not be easy – it actually requires a fearless, forward thinking attitude – but it will be fruitful. Managed services can make your business safer, more efficient, and more appealing to talented new employees.

At GB Tech we offer services in the form of the GB Tech Managed Services Package, a comprehensive set of solutions that we tailor to fit each one of our clients’ needs. We don’t believe in nickel and diming you for things you don’t need, nor do we cut corners to get you the cheapest results. We say that our offerings are mission critical, and we mean it – every project, no matter how large or small, will be held to the same high standards. You want to go to the moon, and we want to get you there.

All it takes to get started is a phone call or a message.

The Business Guide to Surviving the Next Hurricane Harvey (Part Two)

In Part One of our article, we talked about the devastating impact that Hurricane Harvey had on businesses in the Houston area. We also explained how developing a business continuity plan, complete with how the three essential elements of operational recovery sites, data backup and communications, can help save your business when disaster strikes.

Today, we’re going over more ways to stop business interruption, with a big focus on 3 questions you need to answer when you are working with your managed services provider (MSP) to prepare your business continuity plan.

1. Do you have a cloud solution in place?

Now that you know how important it is to back up your data, you’re probably wondering how to go about doing so. If you don’t already have one or more cloud solutions in place, that should be one of your first steps.

A recent study found that 90% of organizations use the cloud in some way, with 50% using cloud services as their preferred solution. We could write an entire paper on the benefits of cloud services (and we’ll get to that soon), but one of the major benefits you’re looking at is the ability for the cloud to keep your business running as a primary and/or backup server.

Your data should also have a physical backup, but with the cloud, you will be operational in minimal time.

2. Do you understand how important it is to eliminate downtime?

When disaster shuts down your business, you immediately start losing money. A recent ITIC survey finds that 98% of organizations say a single hour of downtime costs over $100,000. Even if your business is doing very well, no business owner or decision maker looks at a $100,000 loss with a big smile. And that’s just one hour.

When you extrapolate those figures over the days, weeks, months it sometimes takes an ill-prepared business to become operational, it’s easy to see why 60 percent of small companies go out of business within six months of a cyberattack.

3. Are you prepared for mobile operations?

Over 70% of businesses are permitting, or planning to soon permit, employees to use their own devices for work purposes. The rise of the “bring your own device” (BYOD) trend can definitely work in your favor if you need to shift quickly to operating out-of-office. You must, however, ensure that your data is secure across platforms.

When building your business continuity plan, you also want to work with your MSP to create a network that adapts to a mobile environment. Cybersecurity should never take a backseat to business continuity. There’s no reason these two can’t work hand-in-hand to minimize data loss and optimize productivity.

GB Tech Will Stop Business Interruption in 15 Minutes or Less

Here at GB Tech, we will work with your business to create a business continuity plan that guarantees minimal business interruption, and enables your business to be operational in 15 minutes or less.

We believe in Houston business and we are happy to share more specific information about how to keep your business going in the event of a disaster.

Please reach out to GB Tech to learn more. You can contact us anything, anytime.

Business Guide to Surviving the Next Hurricane Harvey (Part One)

For many people in our great nation, 2017 was a very tough year. That is particularly true of our friends, family and colleagues here in Houston and the surrounding areas impacted by Hurricane Harvey. With respect and interest in further helping the professionals and businesses involved, we have created a short guide to stopping business interruption in the event of another catastrophic event.

According to the National Hurricane Center, the Category 4 hurricane did over $125 billion in damage. Thousands of businesses were forced to close temporarily due to the disaster, and many closed permanently. Not only were people out of house and home, but many had no job to return to after recovery got underway.

We would like to share some essential information that will help your business survive in the event of a disaster. Here’s how to stop business interruption in its tracks:

You Need a Business Continuity Plan

A business continuity plan is just that, a plan to ensure that your business continues to operate in the event of a disaster. This internally developed document outlines the key individuals and their roles in initiating a step-by-step procedure to keep your business operational regardless of the series of events that may have occurred. This plan will be the framework for surviving beyond any disaster, and it will provide a reference point for training your employees in best practices and business resilience.

The specifics of your business continuity plan will vary to some degree based on your business, the geographic location of your employees, and the nature of the disaster. Here are some of the key areas that all plans must address.

Operations

Once you are confident that your data is being safely backed up, you then have to address operational procedures to continue serving customers. Your business continuity plan should always include a list of responsibilities and delegations so that you can be up and running as soon as possible.

After connecting with your team to make sure that everyone is safe, you’ll probably wonder how your employees will get back to work once their physical systems are no longer available. Many businesses at this point will create a business recovery site as an official base of operations.

Business recovery sites can range from skeletal offices with basic internet access and a few desks to fully operational offices that basically mimic the original site’s functionality down to computer hardware and amenities.

No matter what type of site you can afford to invest in, you’ll want to make sure that you have some sort of operational backup in mind.

Your recovery site, or even your remote worker recovery plan, can be organized by your managed services professional so that it fits the security standards already in place within your current network configurations.

Data Backup

When something as strong as a hurricane strikes your business, there’s little doubt that the physical hardware within your office will be compromised. If you have not backed up your data, then you will most likely lose all of the data that is essential to running your business, especially if your business systems are located at or below ground level.

Most data backup solutions will include a combination of backing up your data to additional local servers, as well as a cloud solution that will maintain copies of all your data in an off-site location unaffected by current issues to keep it safe from any potential data loss due to physical damage.

You would be surprised how often, even without a natural disaster, business owners lose data due to hardware failure. In the USA, historically about 140,000 hard drives fail every week.

Your physical infrastructure, including your server and other IT-related technology, is important and should always be updated to meet the demands of your business. That being said, it is still the data stored on your systems that is most important to running your business. You don’t want, and can’t afford, to lose that data.

Communications

A successful business continuity plan will always include communication protocols. It’s important that both your employees and customers know who to turn to for leadership and support.

For your employees, make sure that you have a dedicated line established that they can call for detailed business continuity instructions. Don’t rely on live information, because you will find that one person answering the phones is not adequate for the multiple people requesting information.

For your customers, you want to prepare a series of messages and a delivery schedule to make sure that they are alerted, informed and reassured that despite any possible disaster, you will be operational and open for business and they can know what to expect.

Stop Business Interruption in 15 Minutes or Less

Here at GB Tech, we will work with your business to create a business continuity plan that not only guarantees minimal business interruption but also will have you operational in 15 minutes or less.

We believe in Houston businesses and we are happy to share more specific information about how to keep your business going in the event of a disaster.

Please reach out to GB Tech to learn more. You can contact us about anything, any time.

3 of the Worst IT-related Disasters Ever (And What You Can Learn From Them)

Data breaches have, at this point, impacted almost every single person in the USA. These great larcenies of private information via mainstream companies are not only alarming but they are estimated to cost $6 trillion dollars by 2021. But we can learn a lot about how to stop business interruption from these catastrophic data breaches.

Here we share 3 of the biggest breaches of all time and some ways to avoid them.

1. 2013 Target Data Breach

In 2013, Target suffered a catastrophic data breach, leading to the loss of 11 gigabytes of customer data. The stolen data included names, mailing addresses, phone numbers, email addresses, and payment information for 70 million people.

Obviously, 70 million unhappy customers are not good for business, especially when it costs the company $252 million dollars. How does that even happen? Actually, Target was hit the same way many businesses are attacked–through phishing.

Here’s what we now know happened:

A single employee at one of Target’s third-party vendors, Fazio Mechanical, was tricked by a phishing program that allowed a password-stealing program called Citadel to be installed on the Fazio server. From there, attackers breached the Target vendor portal, Ariba, and took over the servers. It was a short trip from there to the POS servers, where the attackers spent weeks stealing and selling customer information on the black market.

Phishing is a cyberattack that works by prompting users into volunteering sensitive information through deceptive emails containing malicious attachments or website links. Compromising corporate data really is this simple sometimes.

One way to prevent damage to your business from phishing scams is to educate your employees. On top of the common cybersecurity practices applied by your managed services provider, informing employees to never enter personal or protected information on strange websites, as well as to “think before clicking,” will help prevent successful phishing scams.

Make sure to combat phishing with a combination of regular education and sufficient cybersecurity measures in case someone forgets.

2. 2014 Home Depot Malware Attack

In 2014, Home Depot suffered data loss of email and credit card information for more than 56 million customers. Home Depot soon learned that the last thing you want to do is compromise data from 56 million people who enjoy swinging hammers and planting things deep in gardens.

The damage? In total, the breach cost Home Depot $179 million dollars, including legal class action. The lawsuit also demands that Home Depot invests in stronger cybersecurity measures.

The Home Depot Breach happened because attackers were able to access a weakness and install malware which stole the consumers’ credit card, debit card, and email information. Like Target’s incident before, the attackers accessed Home Depot’s network through a third-party vendor.

The lesson here is that you need proper cybersecurity so that an anomaly can be recognized and stopped in its track. If you are worried about how accessible your network is, speak to your managed services provider about your current cybersecurity efforts and mention the need for superior access control and malware protection.

3. 2017 Equifax Cybersecurity Breach

You’ve probably heard of Equifax. It’s one of the three big companies that track and analyze our credit activity and scores in the US.

Let’s face it, none of us really like the people who sit in their little rooms pumping out algorithms in a mass effort to rank our financial capability. That being said, we didn’t exactly want hackers to steal the personal and financial information of 143 million people from Equifax.

That’s exactly what happened in 2017. According to Equifax, the attackers “exploited a U.S. website application vulnerability to gain access to certain files.” Those certain files included credit card numbers, social security numbers, dates of birth, address information and more.

A company like Equifax is required to have cybersecurity solutions in place, but we’ve learned that even they are susceptible to large-scale attacks. The total financial damage is unknown at this time, as various lawsuits against the credit monitoring giant are in progress.

Take Action and Business Protection

According to a study by Verizon, a small data breach where only 100 records are lost would most likely cost an organization anywhere from $18,120 to $35,730, but could cost as much as $555,660. Your business is a constant target for cyberattacks. And just like the three companies we’ve talked about today, you could be hit with major financial losses if you experience a security breach.

The best way to protect your business from cyberattacks is to work with your managed services provider to create your own solid cybersecurity solution. Most of the time, this will involve analyzing your network for vulnerabilities and strengthening those points. Monitoring your network is also imperative for proactive, ongoing protection against incoming threats.

As your IT partner, GB Tech strives to deliver mission-critical support in a dynamic, constantly changing world, and we are ready to help you learn more about your current cybersecurity solutions. You can contact us any time.

How to Stop Business Interruption and Save Your Business

It is 2020 and you are an astronaut on the prime crew of the Apollo 18 Mission. You have just participated in the rigorous NASA training program, and you are preparing to blast off to the opportunity of a lifetime — a lunar landing!

You have finished all of the pre-flight procedures. You’ve practice your landing speech in your head, and even dashes off an email to your sweetheart. You’re totally ready. All you have to do is get dressed. But, in all of the excitement, you manage to puncture a hole in your spacesuit.

You don’t have an extra spacesuit, so your backup on the mission, Carl, gets to do the Apollo 18 Mission and land on the Moon instead, while you stay at home on Earth and take notes. But that’s okay, you can go next time. This is the first Apollo mission to the Moon in 38 years, but they are bound to get more frequent.

Wow. That would be the disappointment of a lifetime, right? Fortunately, NASA has a backup plan for everything. Even for how many spacesuits go on each Apollo mission.

Historically, each NASA Apollo Mission required 15 suits. Three suits each were made for all three members of the prime crew, and two for each of the three members of the backup crew.

NASA has a privilege of including in its ranks some of the most acclaimed scientists and engineers of our time. You can trust that if they believe in the importance of a backup plan, it’s probably a good idea to follow suit (pun, totally intended).

In fact, in much of life, we are often encouraged to have a backup plan. We keep savings accounts, health savings, life insurance, and maybe a few of us hide money in a fake book in our office library. Planning for a possible life changing event or an unexpected disaster to become part of our lives. Unfortunately, people in business often totally forget to plan ahead for the unforeseen.

If you want the primary mission of your business to go off without a hitch, it’s important to have your own backup solutions and data recovery plans.

Data Backup Prevents Data Loss

First of all, congratulations. If you are considering a data backup plan, you are way ahead of the curve. A recent industry report found that only 51% of business users within organizations backup their data to on-premises computers or external drives, and only 35% backup their data to the cloud.

If you are disturbed by those numbers, the figures showing what happens when you don’t backup your data will really floor you. For instance, Verizon found that a small data breach where only 100 records are lost would most likely cost an organization anywhere from $18,120 to $35,730, but could cost as much as $555,660.

Now that you know what a financial beating businesses take when they suffer a data loss, you are probably thinking, “I definitely don’t wanna lose my data! What causes data loss?”

Source: ITProPortal 

Typically, data loss occurs due to one or more of the following:

Hardware failure

In the USA, approximately 140,000 hard drives fail every week. It’s also reported that 60% of small businesses that suffer significant data loss will close within 12 months.

Hardware failure, unfortunately, is more of an inevitability than a possibility. Hard drives are not designed to last forever, and they have a definite, albeit unpredictable, shelflife.

Human Error

Raise your hand if you’ve ever accidentally destroyed a computer. Okay, now look around. Again, you’re not alone. As much as 70% of all data center incidents can be attributed to bad operations/human error.

Natural Disasters

Your business is subject to the destruction of nature. When natural disaster strikes, not only are you unable to work, which contributes to catastrophic losses due to downtime, but your physical components are often destroyed. Without data backup, your business may be unsalvageable.

Cyberattacks

A direct cyberattack can cost businesses as much as $40,000 per hour. Most businesses can’t afford, or would at least prefer not to throw away a full-time employees annual salary on a cyberattack.

Creating a solid data backup plan allows your business to continue if you are attacked.

No matter which of the main categories of a disaster you encounter, you will want to establish a solid data backup plan to keep your business running.

Source: Data Center Knowledge

A Disaster Recovery Plan Keeps You in Business

When we use the word “disaster” what we mean is any significant event that might negatively impacted your business. Data loss, by way of any of the four major categories we’ve discussed today, qualifies as one of the primary disasters your business might encounter.

We’ve emphasized the importance of a data backup solution, because it is the first step in maintaining business continuity. For your business to grow, it needs to stay open. Backing up your data ensures that losing physical components will not mean the end of your business.

Data loss will not be the only impact of a disaster. You may have to purchase new equipment, ensure power supply, and keep your network running.

A disaster recovery plan involves data backup as well as other steps to maintain the longevity of your business. In one study, 75% of business owners reported that they didn’t have any type of disaster recovery plan.

While data backup ensures that you have the information to run your business, a full-scale disaster recovery plan will ensure that you still have the infrastructure to run a business.

Things to consider might be: alternate operation locations, backup servers, generators, and more.

Source: Nationwide

GB Tech Can Help

It’s more important than ever to have redundancies in place to protect your business. At GB Tech, we have a history of creating data backup solutions and disaster recovery plans that keep businesses running no matter what unfortunate situations may arise.

If you’d like to learn more about backup and disaster recovery, please give us a call or shoot us an email. We look forward to hearing from you.