Staying Secure and Compliant After Windows End of Life (EOL)

Staying Secure and Compliant After Windows End of Life (EOL)

In less than a year, support for Windows 7 will be ended, making operation systems patches and updates unavailable, according to a 2018 article. Since this will impact cybersecurity as well as compliance.  Many companies are migrating to a new operating system. A key consideration is protecting your business from data loss and compromise, and in some cases complying with stringent regulations, such as, PCI-DDS and HIPAA. What are the risks inherent in migration, and how can a business navigate the migration? Read on to learn more about handling the coming change and keeping your data safe. Preparing for Windows 7 End of Service With the upcoming Windows 7 end of service, operating systems patches will no longer work on your devices, possibly leaving your network and data open to cyberattack. Not only that, if compliance to regulatory standards like HIPAA is required, a company may incur fines if data is lost or exposed to cyberattack. However, with a detailed plan and preparation, the transition can be made to the new operating system. First, as already mentioned, conduct an audit of all devices still using Windows 7. Determine which mission-critical data and systems need to remain accessible during the migration. Streamlining data and applications—removing old data and obsolete applications—can help alleviate the burden of moving unneeded assets. Once the audit has been conducted and a plan developed with the help of your IT advisor, testing can begin. Test Before Going Live Before going live with the new operating system, testing the plan is vital, to ensure that no data is lost or corrupted during migration. Testing should help identify...
Cybersecurity Risks and Preventive Action

Cybersecurity Risks and Preventive Action

Even with so much information available about how to protect your network and business from data breaches and cyber attacks, a surprising number of businesses aren’t prepared. Read on to learn about how to make your company an exception. Know and Understand the Risk           A recent Forbes article reports on a new survey of 600 IT security and IT Operations decision-makers. The results reveal the level of risk to networks and the level of business’s preparation—and how much education and preparation are still needed. According to survey results, 60% of respondents had a data breach within the last two years, and more than 30% had experienced more than one breach. Vulnerabilities can occur anywhere—in a company’s on-premise systems, or through an employee’s mobile device accessed in an unsecured area. All it takes is one weak spot in the network, to compromise the entire system. Common causes of breaches include lack of security protocols to begin with (52% of respondents), unpatched software (51%), and lack of automation in patch application. Steps to Protect Your Network’s Security Instead of simply lamenting the lack of security, these statistics serve to point the way to achieving network security.  Knowing problems common to businesses can guide your business in what aspects of network security to focus on first. Businesses can start by performing a network audit to find any weak spots where network security vulnerabilities may exist. Be sure to check that OS patches are up-to-date, and that antivirus and anti-malware definitions are current. Monitor endpoints including mobile devices and devices used by remote workers and perform periodic network scans to detect...
Consider Software as a Service (SaaS) as Part of Your Business Model

Consider Software as a Service (SaaS) as Part of Your Business Model

Imagine if your business had a cost-effective and flexible way of accessing data, applications, and unified communications, without the maintenance and management of on-premise equipment. Read on to learn more about benefits and considerations of this service delivery model. Benefits of Using Software as a Service Software as a service, or SaaS, is becoming increasingly more common, with an average expenditure increasing at 78% between 2017 and 2018, according to Forbes magazine. This cloud-based delivery model is one in which companies can  adopt an economical, ready-to-go approach to accessing the latest technology. The software is managed and maintained by a provider, reducing a company’s need to buy, implement and maintain on-premise infrastructure. With SaaS, rapid deployment of applications–Unified Communications, call center, chat, and more–is possible, all using a unified web-based interface. All that a business needs to have is Internet access and a web browser. From a cost standpoint, a business can pay a provider a monthly or annual subscription, rather than investing a large sum up front. Not only that, the capital expense of on-premise infrastructure is converted to an operating expense that can be spread out over a longer period of time. This allows businesses to focus on innovation and long-term company strategy. What to Consider before SaaS Adoption Even with the benefits of SaaS, individual companies need to assess whether it is the right option. Often, small companies with straightforward operations and which are looking to cut costs, benefit the most from a SaaS model. For those businesses that do opt for SaaS, further considerations exist. For instance, is the network robust enough to handle additional...
How Much Downtime Can You Survive Without a Business Continuity and Disaster Recovery Plan?

How Much Downtime Can You Survive Without a Business Continuity and Disaster Recovery Plan?

With disasters–natural and manmade–in the news, preparedness in the form of a business continuity plan is vital. Disaster recovery, or the ability of a business to continue running during and after a disaster, is a key part of business continuity. Read on to learn more about developing a plan to keep your business operating even when things go wrong. The Importance of Being Prepared During a Disaster Recovery Scenario According to an article by CompTIA, 40% of businesses do not reopen after a disaster. A quarter (25%) of unprepared businesses fail within one year. A disaster recovery (DR) plan enables businesses to respond, not just react, in the event of a disaster. It is a subset of an overall plan, and has to do with immediate access to systems and applications–and their associated data. The company can stay in business, without loss of revenue or reputation. Creating a BC/DR Plan: Questions to Consider The first question to consider in developing a DR plan is determining which systems are mission-critical, most crucial to conducting business. Some, such as communications, important applications and data storage, are the most essential; others can wait until the disaster is over. How much downtime can your business handle, without loss of revenue or reputation? With regard to data storage, consider whether it should be kept on-premises or be stored remotely in a data center. Is the network redundant; that is, if one section goes down, can another take up the load in its place? For data storage, the cloud can also be a good option, and using the cloud has become a trend in recent...
The Importance of a Business Continuity Plan

The Importance of a Business Continuity Plan

With some parts of the country heading into tornado season, and with natural and man-made disasters a possibility anywhere, there’s no time like now to consider how to keep your business running in the event of a flood, fire, earthquake, or even a cyber attack. A Business Continuity (BC) plan keeps your business running both during and after a disaster, minimizing downtime and the resulting loss of revenue and reputation. Read on to learn more about what such a plan can mean for your business. The Cost of Not Being Prepared An event such as a storm or a cyber attack has the potential to severely impact your business. According to technology research firm Gartner, businesses that experience a data disaster have a two-year survival rate of just 6%. Also, for every hour of downtime, $42,000 can be lost. Moreover, the loss of reputation of your business if customer data is lost or leaked, can be significant. If your business is in an industry subject to special regulations (HIPAA, for instance), data compromise can bring about fines and other penalties. To avoid these consequences, and to get the best results from your business’ technology budget, ask questions to assess your risks. Components of a Business Continuity Plan One key consideration is which components of your business are mission-critical. Perhaps it’s maintaining access to data that is needed to run the business. Or it’s keeping the data you have safe. Perhaps it’s ensuring employees within your company can communicate with each other by email. Another part of the plan is to determine recovery-time objectives, how long your business can be...
Keep Your Network in Compliance, and Healthy Too

Keep Your Network in Compliance, and Healthy Too

A company’s network is the backbone of its IT infrastructure, depended upon for connection to customers, potential customers, vendors and employees, as well as public and private cloud infrastructure. Not only that, your network’s health is one of your best defenses against cyber threats. However, to stay healthy and in compliance with standards and regulations, you need to be proactive. Read on to find out how to keep your network in good health and compliance. Marks of a Healthy Network According to an article on network health, a company’s computer network is ideally flexible, efficient and secure. It links you to services essential for your business-critical applications to remain available and run smoothly. Offsite backup is also dependent upon the condition of your network. Just as important as working well, it needs to be secure, with no intrusions by malware, viruses, or unauthorized users. Your data needs to be protected whether or not your business is subject to industry regulations like HIPAA or PCI-DDS. Provided your network is already in good shape, network compliance will be easier as will avoiding fines for non-compliance. How to Improve and Maintain the Health of Your Network Both technological and human resources can work together to keep your network in tip-top shape. Your servers need to have up-to-date operating system patches (ideally automated) and current anti-virus and anti-malware definitions; these definitions need to extend to every device connected to your network. Make sure to monitor your network, looking for possible intrusions, weak spots, and any element possibly out of compliance. Consider an offsite network monitoring application that can work twenty-four hours a day....