Tag Archives: internet security

Backup keeping your data safe

Posted on by
4

People most often consider a backup of their data when it is too late. I am sure you have heard of many horror stories of people losing all their data. The best insurance policy you can have for your business is to have a copy of your files that will enable you to continue your operation in the situation of some disaster. This guide will look at what you should back up and how to do it.

In information technology, a backup or data backup is a copy of computer data taken and stored elsewhere so that it may be used to restore the original after a data loss event.
Source Wikipedia

WHY do you need to backup your data?

Disaster can strike at any time and can come in many forms.  You could lose your data from:

  • Theft
  • Fire
  • Equipment failure, for example, hard drive failure
  • Data corruption
  • Malware or ransomware (see the guide on internet security)
  • Data is accidentally deleted

In theory, if you have a copy, especially at an offsite location, you can then use this to get yourself back to before the disaster.

WHAT do I need to consider in backing up my files?

Backups are periodic, short term images of files for disaster recovery purposes. Archiving, meanwhile, refers to the long-term storage of data that is no longer in regular use but can be restored if need be.  

Three rules of backing up:

  1. Backup regularly
  2. Backup to a reliable medium
  3. Backup to an offsite location

Just as important as backing up your data is the ability to restore your data.  If you cannot restore, then the backup is useless. Understand how to restore and keep a copy of, or know the download location of the software that will restore.

Label your backups, so you know which is the latest.

What data should you backup?

Everything!  Any file that you have created or modified should be backed up.  For a small business, this will include everything from accounting files to emails.  If you are using cloud-based applications, ensure that the vendor has appropriate backup procedures and save a copy of your cloud data locally so if their systems fail, you can still restore it.

HOW do I back up my data?

To back up our files, we need to decide on a medium, select a schedule and develop a process to complete the backup.

Media Options include:

  • USB (thumb) drives – a low-cost physical device that must be moved offsite.
  • External Hard drives – a larger capacity physical device that must be moved offsite.
  • Shared or NAS storage (see our guide on shared storage) – onsite network attached storage for local copies across multiple devices. (Easy way to implement a backup policy)
  • Cloud Storage – subscription-based storage with its own backup and security. Requires internet.

The best practice for a small business would be to backup all the files you are using. Make a  copy to keep at your office and an additional copy at an offsite location.

Set a schedule of how often this should be done.  The rule of thumb is how many days of work you can afford to lose.  As a general rule, either daily or weekly.

Finally, what is the process to actually do the backup?

  • Manual task – A person has the task of manually doing the backups based on a prescribed agenda.
    • Very labour intensive
  • Application-based – automatic routine as set up in an individual OS or application.  For example, Windows 10 can be set up to automatically back up all data off your PC
    • Only good for individual PCs or applications
  • Specialised backup software
    • Costs more but may automate the entire process
  • Combination – Hybrid of the above 3.

We strongly recommend that you discuss this with your IT Support organisation as they will have the right knowledge to suggest and set up the right solution for you.

HINTS

Sync is not backup. With sync services such as cloud-based Dropbox, Box, Google Drive, OneDrive, or others, if you accidentally delete a file on one device, it’s gone on all of your devices as soon as the next sync happens.

Getting this solution right will take a bit of homework, but in the event of failure will save you big time.

When moving your confidential files, always ensure they are secure.

Consider having some backup log to understand what you have from when.

A full backup will back up everything.  An incremental backup will only backup those files that have changed since the last full backup.  Incremental backups will be much faster.

SUMMARY – Secure data backup

Data backup of all your files means that you can restore and keep working in the event of a disaster.  Back up solutions can be low cost and high maintenance through to high cost and automated.  Backups should be done reliably, securely, regularly, and kept at a different location.

Samsung Galaxy Enterprise Edition for business mobility

Posted on by
3

Samsung Galaxy Enterprise Edition refers to a suite of hardware and software solutions laser-focused on business mobility needs.

While a business can buy affordable off-the-shelf consumer-grade phones or tablets, it has special needs these do not address. Security, financing, roll-out, life-cycle management, maximising productivity, dual profiles (work and personal), warranty (24×7 support and replacement) and more are the differences between being business-critical and business inconvenient.

Danny Mandrides, Head of Samsung’s Enterprise and Government Mobile Business, briefed analysts and journalists on Samsung’s business initiatives for 2021.

“I Iead a team of professionals who enable Australian businesses to rethink how mobile devices and applications can improve their business processes and increase productivity. Mobile technologies such as Smartphones, Tablets, Wearables, M2M, IoT and Applications are at the heart of business disruption and transformation.”

Samsung Galaxy Enterprise Edition highlights

 Mandrides spoke of the significant advances Samsung had made with its ‘Mobile First’ strategy, including

  • Developing the Knox for Enterprise suite to cover end-to-end device security, enforce security governance on the device, and a range of automatic deployment tools.
  • DeX  (Desktop eXperience) allows the use of many Samsung devices as a PC – just add a monitor and keyboard/mouse via cable or wirelessly.
  • Closer partnership with Microsoft to deliver Microsoft 365 productivity tools, Microsoft Windows Virtual Desktop, OneDrive Azure cloud storage and Link to Windows, a seamless workflow between mobile and PC.
  • Partnership with Telstra for financing, fleet management and Microsoft Azure services
  • Business rugged Galaxy Tab Active series – Tab Active 3 Wi-Fi/4G, Tab S7 and S7+ Wi-Fi/4G/5G, Tab Active Pro Wi-Fi/4G  and other Samsung consumer Tablets with Business-grade Knox security
  • Business rugged mobiles like the Galaxy XCover 5 and Pro.
  • More importantly, a range of its consumer smartphones with Business-grade Knox security in 4G and 5G including Galaxy S21/+/Ultra, Note 20 Ultra, S20 FE, S20/+, A90 and more recently, its low-cost A32 5G that at $480 democratises 5G in a ‘fleet’ device.

Now Australian Signals Directorate approved for sensitive and protected use

The icing on the cake was the acceptance of Galaxy S20 FE, S20 FE 5G, Note20 and Note20 5G by the Australian Signals Directorate. These Samsung mobile devices have approval for use in ‘Sensitive’ and ‘Protected’ deployments. But more than anything, the Galaxy S20 FE (GadgetGuy review here 9.8/10) brings a $799 device to a market dominated by iOS devices costing two to three times that.

Moving forward

Mandrides said

“We’re living in a world of dispersed workforces, and enterprises are putting mobility at the heart of their operations to thrive and survive. This year, we will open a wider range of options for our mobility customers in Australia with the launch of Galaxy Enterprise Edition, continued deployments of our customisable Knox security platform, as well as enhancements to how we optimise Samsung DeX.”

Samsung Galaxy Enterprise Edition in 2021 means more devices with push to talk (walkie-talkie style), more convergence (devices that have barcode and QR scanners, mobile POS, 5G and other productivity features like DeX and even removable batteries), and new devices that are IP68 rated and comply with the new MIL-STD 810H (see an overview of the differences between 810G and H here).

Whatever size business you have, it may be worth approaching the Samsung Business Division first before you whip down to JB or Telstra to buy a few phones or tablets. It may open your eyes to productivity improvements you have never envisaged.

https://youtu.be/zh2EY1FKM_4

https://youtu.be/eDL_9WVhilo

Small Business Answers also has a guide on buying a mobile phone

Sharing Sensitive Data

Posted on by
Reply

Veritas Technologies, a global leader in data protection, availability and insights, has revealed new research highlighting the dangers of sharing sensitive data by misusing instant messaging and business collaboration tools. In Australia, 66% of employees have admitted to sharing sensitive and business-critical company data using these tools, the survey found.

The Veritas Hidden Threat of Business Collaboration Report polled 12,500 office workers across ten countries, including 1000 in Australia. Shows employees take data out of the businesses’ control that employs them, exposing companies to risk. 53% are saving their own copies of the information they share over IM, while, conversely, 47% of knowledge workers delete it entirely. Either approach could leave companies open to significant fines if regulators ask to see a paper trail.

Sensitive data being shared by employees on these channels includes client information (15%), details on HR issues (10%), contracts (12%), product development information (12%), and even COVID-19 test results (12%).  Just a third of employees suggesting that they hadn’t shared anything that could be compromising. The research also reveals that, while employees use collaboration tools to close deals, process orders and agree on pay raises, many do this despite believing that there will be no formal record of the discussion or agreement. In fact, only 48% thought that the businesses they worked for were saving this information.

According to Geoffrey Coley, Director, Strategy & Architecture, Asia South and Pacific region, at Veritas Technologies, “For many Australians, our entire way of work has been reset since the start of 2020. Companies are rushing to bolster their data protection ways of working to include the platforms where their business is actually being conducted.”

Increased use is compounding issues

The research shows that the challenge is compounded by the amount of time employees are now spending using messaging and collaboration apps.  Time spent on tools such as Zoom and Teams has increased by 21% since the start of the pandemic. This means employees are now spending, on average, 2.3 hours every day on them, with 21% of employees spending more than half their working week on these applications.

A significant amount of business is now being conducted as routine on these channels, and employees are taking agreements as binding. For example, as a result of receiving information over messaging and collaboration tools, 24% of employees have accepted and processed an order, 21% have accepted a reference for a job candidate, and 20% have received a signed version of a contract.

Sensitive data is shared on these tools even though 29% of knowledge workers have been reprimanded by bosses for their use. However, these admonishments may have been in vain as 75% of all workers responding to the survey said that they would share this kind of information in the future.

Geoffrey said: “Getting employees to use ‘approved’ methods of communication and collaboration tools is an uphill battle. Instead, our message is simple: don’t fight it – fix it.”

IM trusted nearly as much as an email

When asked which methods of communication provide the most reliable proof that an agreement is binding, the trust that workers had didn’t appear to be based on the ability of a business to capture the discussion as evidence:

  • Email is viewed as a reliable affirmation of an agreement by 97%, followed by a written letter at 96% and electronic signature a close third at 92%
  • Instant messaging platforms, including Zoom, Slack and Teams, were still trusted by 90%, text by 89% and WhatsApp by 77%
  • 66% even viewed social media as reliable proof that something has been agreed

“Business data is sprawled across different locations. Deals are being done, orders are being processed, and sensitive personnel information is shared through video-conferencing and messaging platforms. It’s now critical for companies to include this rapidly growing volume of data in their protection and compliance envelope.  If they don’t, the implications could be huge,” concluded Geoffrey.

Veritas recommends the following steps for businesses that want to regain control of data being shared over messaging and collaboration tools:
  • Standardise on a set of collaboration and messaging tools that meet the needs of the business – this will limit the sprawl
  • Create a policy for information sharing – this will help control the sharing of sensitive information
  • Train all employees on the procedures and tools that are being deployed – this will help to reduce accidental policy breaches
  • Incorporate the data sets from collaboration and messaging tools into the businesses’ data management strategy using eDiscovery and SaaS data backup solutions – this will empower users to make the most of the tools without putting the business at risk

For more information on sharing sensitive data see Small Business Answers guide on Internet Security protects from cyber threat

Methodology

Research conducted and statistics compiled for Veritas Technologies LLC by 3Gem. A total of 12,500 office workers who used communications channels as part of their job were interviewed between 23 November – 8 December 2020 in Australia, Brazil, China, France, Germany, Singapore, South Korea, UAE, United Kingdom and the United States.

Internet Security protects from cyber threat

Posted on by
Reply

What is the most valuable item in your small business?  Is it a piece of machinery or perhaps the data on your computers.  How do you protect that valuable item?  With thick steel bars or a thin sheet of glass?  This guide will discuss Internet Security protecting you from a Cyber Threat.

A Cyber Threat is the possibility of a malicious attempt to steal information, damage or disrupt a computer network or system. This threat will come via the internet , but you can protect yourself via security software and good practise.

 WHY should you care about internet security?

All the benefits of being able to connect with the world via the internet also mean that all the criminals of the world can target you. 

Not only do you want to protect your reputation and secure your private information you also must protect any customer data you have and can be fined for a breach.

WHAT are the types of cyber threats?

Malware

Refers to viruses, spyware, trojans, and worms. Malware can allow someone to take control or spy on an individual’s computer.  Key information stolen includes bank details, credit card numbers, and passwords.

Phishing (pronounced fishing)

This refers to receiving an email from someone pretending to be familiar with you.  They quite often pretend to be a well know Australian brand and encourage you to click on a link.  You will then be asked to provide information like passwords, birth dates or to pay a fake bill. For example, you receive an email from your bank but it is actually a phisher.  They ask you to confirm your banking details including password.  The phisher then uses these details to log into your real account and steal money.

Phishing may occur via email, SMS, instant messaging or social media

Ransomware

This is where your computer is essentially hijacked and you are asked to pay a ransom. Do Not Pay a ransom as they may never give you access even if you pay! It works by you clicking on a link or opening an attachment that installs software which denies you access to your computer or files.  A message is displayed indicating if you pay money they will give you access back.

How do you protect yourself against internet security threats?

To protect your small business from cyber threats you should consider implementing the following:

Antivirus software – Also known as anti-malware software, this is computer software used to detect, prevent, and remove malware.  Bought as a per year subscription you should ensure all PCs are running it and subscriptions are up to date. See Gadget Guy for reviews of the latest antivirus software solutions.

Automatically update your operating system – The likes of Microsoft and Apple are continually providing software updates to counter new threats.  Most modern operating systems are set to automatically update by default but ensure this has not been deactivated.

Automatically update your software applications – Just like your operating system, applications like Microsoft Office need regular security updates. Since the release of Microsoft Office 10, this is automatic by default (from office click file then account to check).

Regularly back up your business’ data – This is a digital copy of your data from your PCs and shared storage devices preferably kept externally to your place of business.  Back up is a critical strategy to restore your business and we cover this in a separate essential guide on Backup.

Multi-Factor Authentication – This is a security measure where two or more proof of identity must be provided to gain access. It would include some combination of password, pin, secret question, physical key (card or token), SMS, and a fingerprint.

Be cautious – If you are asked for money, your password, account details, or login details don’t provide them.

HINT

Implement a password strategy within your business which requires passwords to be strong. The key aspects of a strong password are length (the longer the better); a mix of letters (upper and lower case), numbers, and symbols, no ties to your personal information, and no dictionary words.

Make sure you have a strong password set up on your wi-fi

Decide who you will give access to what data

Teach your staff about the importance and predetermine a plan if you are affected.

Consider taking out technology and cyber crime insurance (see our essential guide on insurance)

SUMMARY – Secure your business against a cyber threat

Do not believe it will not happen to you.  TAKE PRECAUTIONS AGAINST A CYBER THREAT TO YOUR COMPUTERS.  Implement simple internet security steps to protect yourself like having virus software, keeping software up to date, ensuring you have secure passwords, and backing up your data will ensure your reputation and continuity of business.