How to Destroy Data Properly

How to Destroy Data Properly

When we accidentally delete something, it feels like the end of the world. If a client file or new presentation is deleted, you may have to start again. Oh no! Yet deleting files is not as permanent as you may think. When it comes to destroying data properly, you’ll want to take a more thorough approach.

Deleting items, or “trashing” them, doesn’t permanently remove them from computer memory. While the data is still stored on your device’s hard disk, it’s possible someone could restore that deleted data.

Data does reach a point at which it’s no longer useful, and you are no longer required to maintain it. Nevertheless, it may still be valuable to cybercriminals. Bad actors can use names, addresses, credit card numbers, banking accounts, or health data. You need a policy to destroy paper records, magnetic media, hard drives, and any storage media.

Your obligation to protect customer and staff information extends to properly destroying all identifying data. Installing a new operating system isn’t going to do it. Encryption doesn’t do the job if the cybercriminal can figure out the password.

Some industries require you to prove you have correctly destroyed all data. Even if you have no compliance standards to meet, carefully dispose of any computer-related device. Whenever you are recycling, discarding, or donating an old computer, disk drive, USB stick, or mobile device, make sure the data is already properly deleted or destroyed. Otherwise, criminals could get their hands on confidential business information.

Fully, Safely Destroying Your Data

So, what do we mean by “properly” destroyed? You know about shredding paper documents. You can actually do the same with some devices. You might send the computer or device to a company with a mega-shredder. When compliance matters, keep a record of the chain of custody of the data throughout the process.

Overwriting the data, often called zeroing, is another solution. No data is properly deleted until it’s written over – that’s where the information is hidden under layers of nonsensical data and cannot be retrieved through disk or file recovery utilities. Think of this as writing three new books over the top of the pages of an erased book rather than just ripping the pages out.

With magnetic devices, you can neutralize the magnetism (degaussing) to break down the data. This scrambles up the data beyond recovery. A strong degausser will turn the device into a shiny metallic paper weight. An ultraviolet erase could be necessary for some erasable programmable memory. You might also need to perform a full chip erase.

If you’re really committed to destroying data, physically destroy the device. There’s the shredding solution, or you might actually pay to have the device smelted or pulverized.

Other Components to Destroy with Data

Don’t forget proper disposal of printers, too. Run several pages of unimportant information (maybe a font test) before destroying a laser p6rinter. With an impact printer (if you still have one!), you’d want to destroy all ribbons, too.

One last element you might think about? Business monitors. You’ve probably seen a computer screen with information burned onto it. Before donating or recycling a monitor, inspect the screen surface and destroy the cathode ray tube.

Now, that’s what we call being thorough about properly destroying data. Need help with proper disposal of computer data or equipment?

We can help. Contact our experts today at 504-323-7111

Want to know more?

Get in Touch with us

Locking Up Cybersecurity with a Managed Services Provider

Locking Up Cybersecurity with a Managed Services Provider

Cybercrime is not the most costly of illegal activities. That dubious distinction goes to government corruption, followed by drug trafficking. Cybercrime comes in third. Yet cybercrime does take the top spot when it comes to numbers of victims. A managed services provider can help.

Cybercrime has hundreds of millions of victims. Two-thirds of people online have experienced personal information theft or compromise. A 2018 McAfee Security study suggested that represents more than 2 billion individuals!

If any of those people works at your business, it could mean trouble for your security, too. Why? People tend to think they have too many passwords to remember. So, they use the same login information again and again. That means a criminal could leverage employee data to access business systems, too.

Cybercrime is a global problem for both individuals and businesses. The bad actors, after all, can make big bucks from their crime with low risk of discovery. The global cost of cybercrime is an estimated $600 billion a year. And no one and no business is immune.

More people are going online. Businesses are becoming more reliant on digital transactions. Cybercriminals are quickly adapting. They’re motivated, but are you?

Securing Your Business with an MSP

It’s safe to say your Information Technology team has a lot to do. Everyone at your office is working hard, but is cybersecurity getting the attention it deserves? Ultimately, there is no better way to keep your systems secure than with managed services.

A managed services provider (MSP) helps your business stay ahead of security threats. Finding out about risks or vulnerabilities after the fact is no good. That’s like closing the barn door after the prize stallion has already bolted.

An in-house cybersecurity team providing 24/7 protection isn’t workable for most businesses. It’s cost prohibitive for most small and mid-sized businesses.

Working with an MSP is a more affordable alternative. You avoid investing in the latest technology and building up an on-premises infrastructure. Instead, you pay a consistent fee for the MSP to handle technology patching, monitoring, and assessments.

The MSP uses well-tested, leading-edge tech to stay on top of cybersecurity threats. This strategic partner can:

  • set up security on your infrastructure;
  • oversee your company’s security systems;
  • ensure regulatory compliance;
  • track threats 24/7;
  • maintain strong data protection.

An internal IT team oversees many areas, but the MSP focuses on continuous monitoring. It keeps up to date on the global threat landscape and any industry vulnerabilities.

Still not convinced that paying an MSP is worth it? The average cost of a lost or stolen record was $148 per record in 2018. You might view working with an MSP as paying for insurance. With ongoing monitoring an MSP helps your business avoid security breaches. And their devastating costs (including to productivity, compliance, revenues, and brand reputation).

This extension of your security staff helps maximize resource efficiency. And their day-to-day focus is on reducing risk and minimizing damage from cyberthreats. With an MSP you add dedicated security experts to your team. Secure your technology while gaining advanced threat intelligence and customized security strategies.

A managed services provider identifies vulnerabilities and secures your business environment. Stay ahead of cybersecurity threats with an MSP. Find out more today!

Call us at 504-323-7111

Want to know more?

Get in Touch with us

Handle with Care: Sending Data Securely

Handle with Care: Sending Data Securely

In our digital economy, we send and receive information quickly online. The Internet offers immediate communication with colleagues, clients, vendors, and other strategic partners. Yet we shouldn’t prioritize convenience over data security.

What data do you send in a day’s worth of emails? Sensitive data you send might include:

  • personally identifiable information (PII);
  • credit card or payment card information;
  • attorney–client privileged information;
  • IT security information;
  • protected health information;
  • human subject research;
  • loan or job application data;
  • proprietary business knowledge.

The problem is people sending without thinking about the security of the transmission. One way to gauge the need for security is to consider how you might send that same information via the postal service. Would you put that data on a postcard that anyone could read? Or would you send a sealed, certified mailing and require the recipient’s signature?

Transmitting data on the Internet in plain text is like the postcard – anyone can read the information. And before you think that no one can actually see your data in transit, think about where you are sending from. Your office network may be password protected and secure, but what if someone waiting for their coffee at Starbucks opens the message using the free Wi-Fi network?

Anyone can intercept communications on open networks with the right tools. This type of cyberattack is common enough to merit its own name: a “man-in-the-middle” attack.

So, how can you stay safe when sending sensitive data?

Embrace encryption. Encrypting the data is like sending that sensitive information in a locked box. Encryption encodes the information to add a level of security. If encrypted data is intercepted, the scrambled data is unreadable by unauthorized users. Only a user with the correct decryption key can access the text.

Encryption also provides additional confirmation that the information is coming from a reliable source.

Your business should also require Secure File Transfer Protocol (SFTP) for sending and receiving large or numerous digital files. You may have heard of FTP, but this file transfer protocol is not encrypted. SFTP is the secure version of FTP, as it encrypts the files in transit. If a nefarious entity does intercept the files, it won’t be able to read them without the decryption key.

Specifically, encourage your employees to:

  • use encrypted email only (common providers such as Gmail and Outlook support it; others require third-party apps or services);
  • encrypt files before sending to the cloud (in case accounts are breached or services hacked);
  • never open business communications on unsecured Wi-Fi networks;
  • keep good track of laptops and other portable devices and use drive encryption in case – with encryption, a lost laptop or stolen thumb drive is more secure, and criminals will have a difficult time stealing sensitive information, too;
  • control data access – grant permission to view, edit, or send files with sensitive information only to users who need that data for their jobs.

Managed service providers help your business decrypt how to send its sensitive information. Turn to experts in cloud services and IT security to learn how to securely send and receive data.

Contact us today at 504-323-7111!

Want to know more?

Get in Touch with us

Island Hopping: Not Always a Good Thing

Island Hopping: Not Always a Good Thing

The phrase “island hopping” conjures up positive images. You might think of cruising beautiful sandy beaches on a tour of tropical islands. Too bad cybercriminals have given the term a new, less pleasant spin.

Island hopping is an increasingly popular method of attacking businesses. In this approach, the cybercriminal targets a business indirectly. The bad actors first go after the target’s smaller strategic partners. So, vendors or affiliates, who might not have the same level of cybersecurity, become stepping stones to hop.

Attackers might hack into smaller businesses handling the target’s HR, payroll, accounting, healthcare, or marketing. Then, they take advantage of the pre-existing relationship to access the final destination.

Humans are trusting. Cybercriminals exploit that. With island hopping, attackers leverage the trust established between strategic partners.

It’s quite simple: attackers gain access to Company A and send a counterfeit business communication to Company B. Company B, knowing the sender, is less likely to question a download link or opening an attachment.

After all, it’s not coming from a stranger; it’s a message from perfectly pleasant Jenny at Company A. You may have in the past already shared logins to various sites/portals, or passwords to unlock zip files.

The Rise of Island Hopping

This is not a brand-new form of attack. In fact, it’s named after a military strategy which the United States used in World War II to establish a stronghold in the Pacific Islands.

Perhaps the best-known island-hopping cyberattack was seen in the United States in 2013. Retail giant Target was the aptly named target of a point-of-sale system breach. Hackers stole payment information from 40 million customers. The first “island” in the planned attack was Fazio Mechanical Services. The heating and refrigeration firm suffered a malware attack shortly before Target’s breach. Fazio’s hackers stole email credentials needed to access the retailer’s networks.

As enterprises continue to strengthen their cybersecurity, it’s predicted that island hopping will gain momentum. According to Accenture’s Technology Vision 2019 report, less than a third of businesses globally know how strategic partners secure their networks. A majority (56%) rely on trust that business partners would uphold security standards.

Preventing Island Hopping

You may be one of the islands to hop or the attackers’ final destination. It depends on your business size and industry. Either way, your business is vulnerable to malware attack, infected systems, or a data breach. Plus, if you’re the stepping stone, you’re likely to lose the target company’s business, too.

How do you prevent island hopping? First, secure your own networks and systems:

  • Follow best practices to detect and identify vulnerabilities and reduce risk.
  • Educate your employees about the dangers of business communication scams.
  • Raise awareness of phishing schemes and social engineering.
  • Require two-factor user authentication.
  • Change all default, generic, or predictable passwords.
  • Keep security up to date (patching and system upgrades are mandatory).
  • Control who can access your networks and servers.
  • Protect all endpoints (including employee devices in a Bring Your Own Device workplace).

When it comes to cyber island hopping, your business doesn’t want to be a layover or the final destination. Keep your cybersecurity borders tight to avoid unwanted visitors.

Want to make your business inhospitable to island hoppers? Work with a managed service provider. They can help assess cybersecurity, provide a plan to reduce risk, and upgrade technology. Let us support your efforts to fend off unwanted tourists.

Give us a call on 504-323-7111.

Want to know more?

Get in Touch with us

Avoiding Growing Pains — Tech Tips for a Thriving Business

Avoiding Growing Pains — Tech Tips for a Thriving Business

Maybe you started your business in a basement or home office. It was just you at the beginning. Then, your service or product gained traction. The number of staff grew, and you moved into an office. It’s amazing how far you’ve come. Better still, your business continues to grow. It may be time to consider some of these tech tips to help your thriving business.

 

#1 Upgrade to Business-Grade Cloud Services

Perhaps you’ve been relying on free software from Gmail, Outlook, or Dropbox. Who can argue with free email, calendars, collaboration and file storage right? Well, it may be time to upgrade to the business versions of the software your team relies upon.

Move from Gmail to Google Apps, or Outlook to Office 365, or Dropbox to Dropbox Business. For a small monthly fee, you gain business-grade features.

The basic Google Apps offers business email, video and voice conferencing, secure team messaging, shared calendars, 30GB cloud storage and document, spreadsheet and presentation creation. Plus, you gain greater security and administration controls. Right now, a disgruntled employee could refuse to give up control of a business account.

You’d be out of luck. With Google Apps, your business would control all accounts and could simply reset the password.

Or Dropbox Business provides added storage space and user activity and sharing auditing. Unlimited file recovery and version history make recovery easier. A remote wipe feature protects files on a stolen device). 

#2 Revise your backup strategy

A consumer grade backup setup was enough when you were only dealing with one computer. Now that you have many computers, it’s worth enhancing your backup strategy.

With 3-2-1 backup, your business has a minimum of three backups. Two would be onsite (but separate from one another) and the other offsite. We recommend the cloud. Having your backups in a unified location helps efficient recovery if disaster strikes. With cloud backup, your data is encrypted for storage in the cloud. You can set parameters for how often data is backed up and confirm that it is backing up correctly. Then, if something does go wrong, you can access essential data from anywhere, anytime via the cloud.

#3 Consider Cloud-based Accounting Services

Traditional small business accounting software requires a large database on the desktop computer. As more people need access to the database, the problems start. With multiple people accessing the accounting software:

  • The network can slow when people try to access it remotely
  • Changes can’t be made while someone else is in database
  • Data can get mismatched depending on who has the “newest” version

Cloud-based accounting packages address these challenges. With online accounting software, it’s easy for your business to scale. Business owners can connect to the data from any device with an Internet connection. Plus, in the event of a disaster, productivity won’t suffer as the information is safe and secure on the cloud.

#4 Outsource your IT

Your expanding technology allows you and your staff to do more than ever before. Great. But it also takes extra resources to monitor, manage, and secure it all. By outsourcing IT, your business gains IT expertise. Meanwhile, your in-house IT team can focus its efforts on driving growth.

Outsourcing IT also provides long-term cost savings by reducing downtime, cutting infrastructure costs, and improving security to avoid costly cyber-attacks.

Keep your business growth in check with an eye out for value-adding initiatives.

Want to know more about the benefits of any of these tech tips? Give us a call at 504-323-7111.

Want to know more?

Get in Touch with us

Building a Good Relationship with your Managed Service Provider

Building a Good Relationship with your Managed Service Provider

Good relationships are essential to your business success. Connections with customers, clients, vendors, suppliers, and service providers impact your bottom line. Here’s how to develop a strong relationship with your Managed Service Provider (MSP).

Your MSP manages your IT and protects your end-user systems for a consistent subscription fee. Businesses partner with MSPs to:

  • Improve efficiency and flexibility
  • Enhance security and compliance
  • Take a proactive approach to system maintenance
  • Reduce costs and enjoy predictable pricing
  • Gain access to new technologies

 

Along with overseeing smooth IT operations, the MSP’s experts can advise and consult. The following strategies can help you build a good relationship with your MSP.

 

Open the Lines of Communication

Transparency in the relationship can make a big difference. With a deeper knowledge of your needs, the MSP can better plan your technology solutions. Communicate goals and the direction you want to take your business. This lets the MSP collaborate to enhance your IT capabilities.

A service provider frees up internal IT staff for strategic planning, special projects. If those initiatives mean are going to affect your systems now or in the future, let the MSP know in advance. Being aware of small changes can help them prevent a much bigger problem down the road. After all, the MSP team offers deep understanding of your technology and security. Getting their input can help you see a bigger return on investment from any new IT plans.

Invest the Time Upfront

As with any relationship that will stand up long-term, you’ll need to invest some time upfront. Taking a “pay and be done with it” approach will reduce the relationship’s value. 

You don’t want a “one size fits all” IT solution from your MSP. To solve IT problems with a tailored solution, the MSP needs to understand your needs. They need to survey and access existing technology and understand your IT strategy.  

This can seem counterintuitive. Why am I spending more time now talking about IT when the goal is to think about it less? Because this “getting to know you” phase is critical to a successful setup. Your MSP wants to provide a superior service. To leverage available tech, they need to know how to setup a solution that satisfies your needs. The good news is that once it’s up and running, your time spent managing and monitoring IT is dramatically reduced.

Establish Roles and Responsibilities

Knowing what to expect of the relationship will help too. You’ll want a clearly defined Service Level Agreement. In setting that up, remember any relationship is better when you know and play to strengths. In establishing the MSP partnership parameters, honestly assess in-house IT strengths and weaknesses. Craft an agreement that lets your people do what they do best, and gets the MSP team to fill in the gaps. This lets everyone contribute something of value, which is always a good thing.

Review the Relationship

No, you don’t need to go to couples counseling together. Still, it will help your relationship with the MSP if you check-in regularly. Someone at your business should have scheduled updates with the MSP account manager. This is an opportunity for you both to explore what’s working and what’s not and discuss future plans.  

Relationships grow and evolve. Laying the groundwork from the outset for a good relationship with your MSP. You’ll be glad you did. The better the relationship, the bigger the benefits to your bottom line.

 

Looking for a new MSP relationship to support your IT needs? Give us a call at 504-323-7111. 

Want to know more?

Get in Touch with us