Tag Archives: information technology company

New Year’s Resolution: Craft a Business Continuity Plan

New Year’s Resolution: Craft a Business Continuity PlanNew Year's Resolution

 

Another year of data collection, natural disasters and cyber attacks has come to a close. Although we can only guess at what mother nature has in store for us in 2018, one thing is guaranteed, security threats won’t abate and could get much worse in the new year. And lets not forget the leading causes of data loss in small businesses: human error and hardware failure. All these equate to one simple conclusion, it’s time to move data protection to the top of the to do list and 2018 is the year to ensure business continuity for your organization.

Downtime is a killer

With the importance and reliance on technology in day-to-day business, it is critical that every organization has a complete solution to deal with the threat of data loss and continuity of operations. If access to mission critical applications and data isn’t available within hours following a disaster or human error small to medium businesses can suffer severe repercussions. It’s 2018 – traditional and antiquated backup methods such as tape and disk are insufficient at protecting businesses from the crippling and costly effects of downtime.

A natural disaster, power surge, viruses, hardware failure, or even accidental deletion can wipe out years of data. Businesses cannot afford to lose time attempting to rebuild their lost, vital information. It is critical that the data is recoverable and spun up in a short period of time.

The 4 Business Continuity Planning Essentials eBook is your first bit of homework. This ebook, outlines four distinct but interconnected business continuity planning essentials:

  1. Crafting an employee safety and communication plan
  2. Craft a customer communications plan
  3. Enable IT Uptime
  4. Ensure Continuity of operations and avoid downtime

So what is the difference between Business Continuity and Data Backup?

Although overlapping, these terms represent uniquely different mindsets when it comes to data protection. Data backup answers the questions: is my data safe? Can I get it back in case of a failure? Business continuity, on the other hand, involves thinking about the business at a higher level, and asks: how quickly can I get my business operating again in case of system failure?

Successful backup is the foundation for disaster recovery and business continuity. But in case of failure, you have to get that data back and restore it quickly enough so your business doesn’t suffer. For example, if your server dies, you wouldn’t be able to quickly get back to work if you only had file-level backup. For you to start working again, your server would need to be replaced, all software re-installed, data re-installed and then the whole system would need to be configured with your settings and preferences. This process could take hours or even days—and in the meantime, your users can’t get their jobs done.

It is crucial for businesses to know exactly what to look for in a backup solution. This guide outlines the key criteria for SMBs to keep in mind when seeking out total data protection. And this video examines the key differentiators for various types of backup.

Let’s calculate your RTO & RPO

Many organizations do not have a comprehensive way to determine the actual costs of downtime for their business. Utilizing RTO & RPO are valuable in calculating downtime loss and gives SMBs a better understanding of the risks relating to business failure. Thinking about business in these terms puts your backup solution into perspective.

  • RTO (Recovery Time Objective): The duration of time within which a business must be restored after a disaster or disruption to avoid unacceptable consequences associated with a break in business continuity.
  • RPO (Recovery Point Objective): The maximum tolerable period of time in which data might be lost due to a disaster.

By calculating your desired RTO, you have determined the maximum time that you can be without your data before your business gets into serious trouble. Alternatively, by specifying the RPO, you know how often you need to perform backups, because you know how much data you can afford to lose without damaging your business. You may have an RTO of a day, and an RPO of an hour. Or your RTO might be measured in hours and your RPO in minutes. It’s all up to you and what your business requires.

Once you determine your RPO and RTO, it’s time to calculate how much downtime and lost data will actually cost you.

Answer the following questions:

  1. How many employees would be affected if critical data were unavailable?
  2. What is the average wage of the affected employee (per hour)?
  3. What is the per-hour overhead cost of the affected employees?
  4. How much revenue would be lost per hour as a result of the unavailability of data?

Add up the average per-hour wage, the per-hour overhead, and the per-hour revenue numbers and you have how much a data loss will cost you. Given that funding and budget constraints can be the top challenge (43 percent) for a business to implement a business continuity solution, calculating your RTO will give you the financial validation needed to justify its purchase and maintenance. The Datto Recovery Time Calculator is the tool you need to evaluate your Recovery Time and Recovery Point Objectives.

The final piece – Testing

Testing is a vital piece to making sure your backup is functioning properly, establishing true Business Continuity. It is the only way to reveal gaps in your plan and address them proactively.  It is also a great benefit to your employees.  If your team is well versed in the process and procedures things will run more smoothly.

  • Helps validate plan content and ensure that the identified strategies are capable of providing response and recovery results within the timeframes (or capabilities) approved by management.
  • Highlights weaknesses and areas for improvement, or where capabilities fail to align to business continuity and IT disaster recovery requirements.
  • Provides critical hands-on training to the personnel responsible for the response and recovery activities (which ensures an appropriate level of performance and develops confidence).

Testing your plan should also be conducted with an IT solutions company specializing in complete data solutions to maintain the integrity of your system and ensure compliance. The test is scheduled for a time that will avoid an interruption in your business productivity and will have no impact on your network. A virtual test provides the only reliable environment for predicting the impact of change and is an excellent way to test patches or perform upgrades.

Every business has to prepare for the worst. Those that don’t may never fully recover from a disaster. This is one New Year’s resolution you’ll be happy to keep. So grab your disaster recovery checklist and let’s welcome the new year with a rigorous business continuity plan! Ancero certified data protection solution specialists are ready to provide your free, no-obligation business continuity assessment. Ancero is a full service IT company and is proud to be a Datto Blue Partner data service provider. Data Protection could be your best investment in 2018!

Contact Us

Want to learn more about data security? Here are additional resources for you:

13 RansomWare Statistics That Will Make You Rethink Data Protection

CEO? Here’s Why You Care About Business Continuity And Disaster Recovery

HealthCare Company? Cure Your IT Ailments with Business Continuity

Law Firms: Don’t Take A Recess From Business Continuity

 

New firewalls, new protections, no upfront capital expense!

sonicwall tz seriesNew firewalls, new protections, no upfront capital expense!

Don’t fight the threats of today with the technology of the past. Upgrades are essential to your security. Ancero Managed Security as a Service (SECaaS) combines the security of a SonicWall firewall appliance with Ancero managed IT services, reporting software, and content filtering, plus all related warranty and subscription services in a bundled solution at a low monthly subscription price. Always have a current firewall with no capital expenditure. The SonicWall firewalls and management software deliver the features, flexibility and visibility you need to fight threats without slowing down your network.

With Ancero SECaaS, all the necessary data security components are bundled into a convenient monthly subscription price with no upfront hardware investment required. Deploy a network security solution that fits within virtually any budget!

What’s included with SECaaS?

  • Firewall hardware
  • Advanced software solutions
  • Security configuration
  • 24×7 Monitoring and management
  • On-Demand Reporting
  • Content Filtering
  • Hardware flexibility
  • Ancero support service

Always have a current firewall with long-term flexibility to upgrade equipment as your needs change and as technology changes. Eliminate your capital expenditure with no upfront cost for hardware, and pay a predictable monthly service fee for security instead. SECaaS is available across the entire SonicWall product portfolio – from the smallest to the largest firewall.

Eliminate time consuming management when you outsource your network security to Ancero, the leading managed service provider. We install, configure and deploy your security solution – managing everything for you, plus 24×7 Ancero support. SECaaS includes many of the SonicWall network security services that are essential to your data protection, including their Capture Advanced Threat Protection.

For the full features and list of benefits download our Managed SECaaS brochure.

The #1 selling small business firewall, the SonicWall TZ firewall, delivers the same level of security, performance and manageability as firewalls used by banks, government agencies and large businesses. Watch the video or download the TZ firewall technical data sheet

Ready to upgrade your old firewall? Call Ancero, your full service IT company, to discuss this new Managed SECaaS service 856-210-5800 or email us at sales@104.219.251.195.

VoIP is not immune to security threats

VoIP is not immune to security threats

VoIP securityThe many benefits of switching to a VoIP system from traditional telephony are why it has become widely adopted by businesses everywhere. But since most businesses view the switch to VoIP as just an upgrade to their phone system, the importance of VoIP security rarely crosses their mind. VoIP’s technology has inherent vulnerabilities that can pose a risk, but with the right security measures set in place, VoIP can be secured to prevent attacks or misuse of services. Security specifically for VoIP communications can be examined in three important parts:

What do you need to protect?

  • Keep your VoIP service running continuously, without disruptions or downtime
  • Protect sensitive customer information and business data, including call transcripts and transaction records
  • Prevent unauthorized users from making calls, and gaining access to your network
  • A secure VoIP system will help your business maintain compliancy standards

Who are you protecting against? Understanding where threats may come from and the motivations behind the attacks is critical. The main threats generally come in three forms:

Toll Fraud: A person or organization that wants access to VoIP services can piggyback on your system to gain free international or long-distance calls and data transmissions.

DoS attacks: Denial of Service attacks, organized assaults on a VoIP system are initiated to gain access to confidential information, along with telephone numbers, IP addresses, etc. This sensitive data can then be sold to competitors, or used to redirect calls for other purposes. DoS attacks are not always financially motivated. Sometimes the intent is simply to disrupt or shut down a network and may have been initiated by a disgruntled ex-employee or a sneaky competitor.

SIPVicious attacks: SIPVicious in its benign form is a developer tool used to audit the state of your SIP network. But the tool can be corrupted for bad intentions and used to gain access to a network or shut down systems, crippling your business.
What security measures are needed? VoIP security measures are not that different from data network security and layered steps work best.

Encryption – Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are the standards for data encryption. These measures encrypt or scramble information so that it cannot be easily deciphered if the data transmission is intercepted.

VLAN – A VLAN segregates broadcast domains between networks. Because it separates voice and data, you can apply different security measures to your voice and data packets while improving the performance of your VoIP system. A VLAN is a good security measure for remote phones that connect to the business network.

Network security – It is just as important that your business network infrastructure is secured with firewalls, antivirus, gateway protection, end point security measures. Software patches and updates should be run regularly to keep systems up to date and eliminate vulnerabilities. To prevent outages and downtime, a redundant power supply, backup servers and regular data backups should be built into your VoIP network.

User Security – Educating the user is vital to preventing human error. Employees must use strong voicemail passwords, be educated about threats and how their actions can either help or hurt security. Employers must set and enforce security policies. For instance, applying a pin code for international calling is a common security measure to prevent unauthorized international calling. If a business is lax with precautions, they may not even know when a breach has occurred until after the damage has been done.

Businesses shouldn’t shy away from a VoIP phone system due to security concerns. The benefits far outweigh the risks! Just as with any technology, when you take the necessary steps to ensure that your system remains secure, risk becomes greatly minimized. Many of the VoIP systems available today include robust security protocols as part of their offerings. Be sure to inquire with a VoIP service provider about built in security options if you are planning a move to VoIP.

Take a look at Ancero’s Utility VoIP cloud based phone system. Our award winning Managed Communications services can help you plan a communications strategy perfect for your business needs.