Have you ever had files that you needed to get to someone in a hurry only to find that they were too large for email? Are you aware the email is a very insecure method for transmitting data? Not sure what to do?
Here a just a few of the affordable options available to use to send and receive files safely.
You Send It
DropBox for Business
Google Drive – for gmail users
Take a look. It’s easy and affordable to stop bogging down your email and putting your data at risk.
We’ve been talking about website security for several months. As it became clear to us that the bad guys were favoring web server infections as their tool of choice, we introduced ‘Site Custodian’ to help protect the websites we host from the spread of malicious code.
New research from Palo Alto Networks, which was recently written about by Byron Acohido of USA TODAY, validates our concerns and suggests that most of the Malware that is making it into corporate networks is deposited via ‘drive-by downloads.’
A ‘drive-by download’ means that your computer (and likely your company’s network, if you’re connected to it) becomes infected simply by visiting a webpage that has been compromised. You no longer have to actively download anything, and reputable sites may be contaminated.
Over a 3 month time period, researchers at Palo Alto Networks analyzed Internet traffic coming through their clients’ networks. From that data, they discovered that 90% of the Malware got in through web-browsing while only 6% came from tainted emails. That’s a tremendous shift from just a couple of years ago.
The even scarier part of this phenomenon is that these website infections are harder to detect. On average it takes 4 times longer for website contamination to be discovered than it does for a typical email based infection to be found. Plus, current antivirus software cannot block this type of infection. That doesn’t mean that you are helpless to stop malicious code injections. It does mean that it’s up to you to protect your website and your customers. Our advice?
- Understand that you are responsible for keeping your site free of infection. Websites are no longer a build it and forget it proposition – routine maintenance is required and has a cost.
- Follow up with your website developer to ensure that the platform/content management system (CMS) on which your site is built is being updated, maintained, and that known security holes are plugged.
- Talk to the company hosting your site to ensure that the server on which your site resides is ‘hardened’ for security and the operating system is up-to-date.
- Ask your web developer and hosting company about their policies regarding blacklisting and malware removal.
- Ask your hosting company if they use a tool like Site Custodian* to monitor your site for malicious code injections and how infections are scrubbed once they’ve been detected.
*Site Custodian is a subscription based service we offer that will monitor your website for infection, alert us to suspicious code injections, and scrub your site should the worst happen. Contact us for more info.
We don’t have to let the bad guys win. As with almost everything security related in IT, a little education and a few preventative steps today will pay off immeasurably in the long run.
“Small businesses with ‘involuntary’ IT managers lose US $24 billion in productivity annually, according to AMI-Partners study, http://www.microsoft.com/en-us/news/Press/2013/Apr13/04-22InvoluntaryITManagerPR.aspx, April 22, 2013
I bet you didn’t even know there was a special title for the nontechnical person in your office that has the job of managing IT on top of their regular workload. If you’re one of the lucky people that are tech savvy enough to be the designated ‘go to’ person in your office, congratulations – you’re officially an Involuntary IT Manager or IITM.
Microsoft recently released the result of a study they commissioned from AMI-Partners which looks at the impact on the productivity of IITMs on organizations with less the 100 employees. Not surprisingly, forcing nontechnical people into this role usually ends up costing plenty. The study suggests the US small businesses lose $24 billion annually as a “direct result of IITMs taking time away from their primary business activities.”
According to the study ITTMs spend about six hours per week or around 300 hours per year working on IT issues unrelated to their primary job. Other interesting stats:
- 30% feel that IT management is a nuisance
- 26% don’t feel qualified to manage IT
- 6 out of 10 IITMs want to simplify the technology to alleviate day-to-day issues
- Once a company has 15 or more employees the amount of productivity lost to managing IT increases
The study also found that over 30% of IITMs are likely to shift their IT focus more toward hosted and cloud solutions. They are also interested in implementing productivity and collaboration suites. However, they still have concerns about security and privacy, reliability, product limitations, and integrating these solutions within their current infrastructure.
The good news is AtNetPlus loves to assist IITMs. We are happy to help on days when you’re overloaded or if you just need expert advice. Check out our IT Advisor page. It lists just a few of the ways we can bring down your stress level and let you get back to doing your ‘real’ job.
Tell us your IT horror story. Trust us, you’re not alone.
Would you like to learn about WordPress? Do you have a WordPress website and want to learn more about using and maintaining it? I have just the thing for you! Next weekend, on May 4th from 8am to 4 pm will be the first annual North Canton WordCamp at Stark State College.
What’s a WordCamp?
“WordCamps are informal, community-organized events that are put together by WordPress users like you. Everyone from casual users to core developers participate, share ideas, and get to know each other.” –WordCamp Central
The North Canton WordCamp is geared specifically towards basic users this year. We are covering topics such as:
- Jetpack and what it’s all about
- Security and WordPress
- Advanced SEO
- 10 Things to do after the install
- You want to stick that where?
- Say that again in plain English
- There’s a plugin for that
- And more!
So if you’d like to spend the day exploring WordPress, making connections, and collecting some awesome swag, Register Today!
Last week at the Dayton Business Matchmaker event, I gave a workshop on Compliance and Audit for SMBs. While the details vary for different industries and governmental agencies, there are some basic fundamentals that apply for everything.
Sometimes referred to as CIA, Confidentiality, Integrity and Availability must be considered in order to achieve compliance and prepare for an audit.
- Confidentiality refers to preventing the disclosure of information to unauthorized individuals or systems.
- Integrity denotes ensuring that data cannot be modified without detection.
- Availability means that information must be accessible when it is needed.
Each of these elements has risks that should be considered and controls that should be implemented in order to meet compliance standards. The table below provides a quick overview.
Because security is more important than ever to SMBs, we’ll regularly provide more information on these issues. Look for the chance to discuss it further at Talk it over Tuesday on June 18. Registration will open soon. In the meantime, let us know if we can answer any questions for you.