Coleman Technologies Blog
Businesses can now capture and use more data to help them run an efficient business than ever before. That’s not to say a lot of businesses actually do. In this month’s newsletter, we thought we’d discuss the use of data and how it can be used to improve your business.
What’s the Line Between a Security Breach, and a Data Breach?
When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the most important for protecting your business in the future.
There’s no beating around the bush with this one; moving data from one place to another, also known as data migration, is critical to get right the first time. If you create and follow a migration strategy, evaluating here and there to make sure it’s all going according to plan, you’ll see great success in this effort. Let’s go over how you can make it happen.
What’s Your Business Continuity Strategy for 2023?
When you suffer a data breach, you might wonder how you can possibly come back from such an event, especially if it leads to a network compromise. Can your business rebound effectively, and if so, what do you need to do to make sure that it doesn’t happen again? It all starts with understanding how much data you need to function, as well as how much downtime you can afford to suffer from.
What Exactly is Personally Identifiable Information?
It’s incredibly important to keep your personally identifiable information secure, but what exactly constitutes PII? Today we offer a definition and suggestions or strategies to help you keep your PII safe.
Last time, we broke down how much data is stored in a typical book, and how much data every book in the Library of Congress contains. This time, let’s really show you what that data consists of, and some other really neat comparisons to put things into perspective. Buckle up!
Do you ever think about how incredible technology is? In a world where it’s easy to take advantage of technology and devices that were practically inconceivable just a few short decades ago, it’s really amazing to just look at how far we’ve come, and how something so small can fit so much information.
Examining Some Unusual Cybercrime Patterns in 2020
To begin, let’s examine the data that we currently have available, courtesy of Statista: in 2019, there were a total of 1,473 data breaches recorded. The first half of 2020 saw 540 breaches reported. Crunching the numbers, these 33 percent fewer breaches have impacted what other sources assert to be 66 percent fewer people.
You Need to Be Asking These 4 Questions to Maximize Security
#1: Is security a priority when we build processes?
Your business has a way that it does what it does. Are those processes created with both physical security and cybersecurity in mind? The amount of threats your business is subject to is literally innumerable. Each day new threats are created and used to try and steal money and data from businesses just like yours. When building your business’ processes, the first consideration that isn’t “can I make money this way” has to be about how to secure your business from outside threats.
Recently, as technology has been implemented, and its price has dropped, small businesses are now beginning to use “big data” to improve the way their business functions. Data services are just that, services that involve the structuring and securing of data. Let’s take a look at a couple that are changing the face of business.
What is Data Automation?
In so many words, data automation is the collection and transcription of data using software, rather than the outdated and time-consuming manual processes that were once necessary.
Rather than one of your valuable employees being committed to data entry instead of the other tasks that are better suited to their talents and abilities, data automation utilizes technology to attend to it. As a result, your team can focus on their other responsibilities, while your data is managed more efficiently and accurately.
Research In Action surveyed 468 CIOs about their company’s cloud usage and the costs they understand. A majority said that their company’s cloud computing investments were some of the largest technology expenses on their company’s budget. Fewer CIOs consider the hidden costs of the technology, as most of them trust their vendors to make the determinations needed to keep their business’ cloud platforms viable and available. Many of them admitted to monitoring the fluctuations in cost, but feel as though the technology provides the best value possible.
Data loss can happen a few different ways. Malware can cause irreversible data loss, and ransomware can cause reversible data loss, provided you pony up the ransom to hackers. Your end-users can mistakenly cause data loss by overwriting or deleting data, but a disgruntled employee could do even more damage intentionally. Your data is stored on delicate, mechanical devices that are extremely sensitive to shock and damage. Hard drives don’t last forever and will eventually fail, so if your data is only stored in one place, it’s just a matter of time.
How a Company Acquires Your Data
For a company to get your data, all they really have to do is ask you for it. Think about what happens each time you make a purchase online, or even create an account—you’re handing over your contact information, and usually pairing it to one of your financial resources.
Obviously, you’re subconsciously entrusting them with this information, assuming that they will keep it sufficiently protected and secure.
The point is, there comes a point when it is time to buckle down and get things organized. This can cover nearly all facets of your business (and possibly your life in general), such as:
- Organizing/revamping your workspace
- Reviewing and improving processes
- Establishing better habits
- Writing content to automate touchpoints with clients and prospects
- Scheduling regular training sessions with staff to hone in production
- Trimming the fat when it comes to vendors, software licenses, hardware, etc.
To do so, we’ll be discussing the concept of cloud security, which is pretty much what it sounds like: security concerning the data, infrastructures, and applications that are hosted in the cloud. In many ways, these considerations aren’t all too different than the ones that would be involved with your local IT. When really boiled down, any security you have implemented should meet a few benchmarks:
- Assurance that data/solutions are safe
- You have a transparent view of your security’s status
- Instant alerts to unusual events and issues
- These events and issues can be followed back to their source and addressed
Of course, we don’t mean to say that everything is identical between the security of your local infrastructure and a cloud system. We just wanted to establish this as the foundation of any security you implement.
Demystifying Cloud Security
By its nature, cloud computing can be intimidating, especially when you start to consider how it has impacted the business technology landscape. Fortunately, many of the security considerations that cloud now demands aren’t necessarily huge leaps from what your security should be normally. Let’s walk through a few differences between traditional security and what is required in the cloud.
Different Perimeters to Protect
Consider how data can be protected when it is localized. You can effectively prevent a lot of threats just by preventing access to the area where your data is stored. The cloud makes this significantly more difficult by being so very connected.
However, if you know this moving forward, you can adjust your security to meet these needs. One effective way to do so is to make sure that all data to be stored in the cloud is encrypted, and that access to the cloud itself is protected with multi-factor authentication requirements with the appropriate best practices baked in.
More Advanced Threats
Unfortunately, not even cloud providers are immune to attacks. The development of Advanced Persistent Threats (which you may see referred to as APTs) and other means of breaching data make it difficult to be sure that your data is truly safe. While the jury is still out on how these threats can be overcome, you need to accept the responsibility of keeping up with the practices that can help in the meantime.
As the cloud relies on software to deliver hosted data, there is an assortment of potential variables that need to be addressed. Therefore, the cloud needs to have security controls in place to address these variables as they present themselves. This is the case whether data is being transported at the time, or if it is filed away.
Coleman Technologies can assist you with your data security needs, as well as assist you with whatever cloud implementation you decide to put into place. To learn more, reach out to us by calling (604) 513-9428.
Managing Data is Easier with Data Virtualization
What is Data Virtualization?
It isn’t uncommon for today’s businesses to have multiple database management systems, and unfortunately, the different types don’t always play nicely with one another. As the amount of data that businesses leverage swells, it has become more important than ever for businesses to be able to consolidate all of this data into an easily accessible tool, without creating a new copy or moving it from its original source - a process similar to data federation, but one that allows access to different data types.
This process makes it far simpler for data to be put to use, allowing the various solutions that are used throughout the course of business to interact with this data.
The Primary Benefits of Data Virtualization
There are quite a few benefits to using data virtualization in your business, but for our purposes here, the fact that all of your data--stored in a variety of different locations--is interconnected and accessible from a single point is the highlight. Just consider how much more could be accomplished if you and your team could access all of the different data types you may need from one place.
As a result, data virtualization is exceptionally useful for processes involving analytics and Big Data, as both incorporate data that comes from a diverse variety of sources.
Of course, we would be amiss if we didn’t mention some of the other benefits that data virtualization has to offer. Productivity can be boosted through the integration of different data units and structures, management becomes simpler, and it is usually a more affordable option than the alternative of copying and converting all of your data into compatible formats.
Interested in Learning More about Data Virtualization?
Reach out to the pros at Coleman Technologies. Even if data virtualization doesn’t apply to your specific needs, we can come up with the right solution for you! Give us a call at (604) 513-9428 to learn more.
Before we get into the strategies of protection, let’s identify what constitutes personal information. It includes:
- Full Name
- Phone Number
- Email address
- Social security number
- Biometric data
If you consider how many times a business has asked you for this information, you will understand just how exposed your personal data is. You may not consider it a big deal until you are in the throes of a situation where your identity has been stolen.
You Need to Maintain Control
Your personal information is exchanged in nearly every transaction you take part in online. In response to this, you need to understand what these organizations use this information for, and how exposure of your sensitive data diminishes your data privacy. Obviously, the goal is to keep this information out of the hands that will take advantage of it and bring detrimental situations to your doorstep.
Once you realize that you can’t trust companies with your personal information, you have started to understand the lay of the land. In Europe, the establishment of the General Data Protection Regulation (GDPR) brought the first major privacy protection law, and you are beginning to see more governments considering what to do in regard to data privacy. In many parts of the world, privacy has been nonexistent. Monitoring your information is a great way to turn that trend on its head.
As of now, people continuously distribute their information to organizations with the confidence that those organizations are going to keep that data safe. This hasn’t worked out that well for the individual, but that doesn’t seem to deter them from sharing this information anyway.
Only 10 percent of people feel like they have control over their own data, but less than 25 percent of surveyed respondents believed companies are doing enough to protect it. What is strange is that 92 percent of respondents of the same survey said that they would like to have absolute control over their personal data, with 87 percent seeking the ability to remove personal data from the Internet if it negatively affects their reputation.
Just being diligent about who you give your data to simply isn’t enough to protect it; and with so few options available to do so, an individual’s best bet is to understand the threats they face. These include:
- Vulnerabilities in applications - Data breaches are mostly caused by software that isn’t updated with up-to-date threat definitions. This problem can happen to any organization that isn’t diligently updating the software it uses.
- Poorly trained workers/sabotage - You wouldn’t believe just how many massive data breaches are caused by the people that a business depends on the most. If your staff isn’t properly trained, or you have disgruntled employees that have access to sensitive information, those situations could end poorly for you.
- Lack of response - Even if you have all the security you need in place, breach is still a possibility. That’s why it is crucial to be prepared in the event of a breach that your organization has the tools and expertise to mitigate the situation before it becomes a problem.
- Refusal to dispose of data - Your organization may find the data it takes in useful for multiple reasons, but if you sever ties with customers, vendors, and staff, it is your responsibility to securely dispose of their personal information. A failure to do so in a timely fashion could lead to a negative situation. Get rid of the data you no longer need, especially if it contains sensitive information.
- Collection of unnecessary data - If data is a form of currency, it stands to reason that it will be shared between companies. If you don’t need the data, however, why do you have it? Possessing data you don’t intend to use--or don’t need--can lead to losing track of it.
People provide personal information all the time, and unfortunately, the organizations they are giving it to don’t understand how to protect it properly; or, worse yet, actively use it for their own monetary benefit. With the lack of effort by these organizations, individuals have no choice but to take a diligent approach to keep sensitive data away from hackers, and keep their identities secure.
If you would like more information about data security, visit our blog at www.colemantechnologies.com today.
A Refresher on the Cloud
“The cloud” is a term that is used extremely loosely, effectively referring to any data that is stored on the Internet. So yes, online storage spaces like Google Drive, Microsoft 365, and Dropbox count as the cloud. Your website’s hosting service counts as the cloud. The social media sites you use, like Facebook and Twitter, qualify as the cloud in a way. Arguably, even online banking is a cloud-based service, as your information is stored on your bank’s online servers.
If you use a store’s photo printing services, or attach a file to an email, or ask your virtual assistant to wake you up early, you are utilizing a cloud service. Businesses around British Columbia use cloud technology to share documents, store data, and host apps and line of business software titles.
Any data you have stored online is data that you have in the cloud.
Is It Okay to Have So Much Data Online?
Truthfully? It all depends upon what data you are storing, and where it is being stored.
It is important to remember that - in essence - all the cloud is, is someone else’s computer that you can leverage. Storing data in the cloud is quite literally entrusting its security to someone else… something that has both benefits and drawbacks.
On the one hand, many businesses have onsite servers in which they keep their company data, which requires them to keep those servers secure. If something happens to this data (despite the network protections and backups that should be in place) it is on that business.
On the other hand, cloud services are typically provided by big-name companies who can feasibly afford to protect the data they have been entrusted with. Who would have more capital available to invest in cloud security… your business, or the likes of Google or Microsoft?
It should also be considered that these larger companies can provide much more value to the people who can successfully hack them. It isn’t unheard of, either… Yahoo, Dropbox, and Apple iCloud have all been breached at some level, and attacks are always happening.
So, Is the Cloud Safe? How Can I Protect My Data?
All this may make you feel as though your most secure option is to eschew the cloud as much as possible - but, depending on what you’re storing and how this data is protected, you may have other options. Here are a few practices to help you balance the potential risks and rewards.
Encrypt BEFORE Uploading
Encryption is a very popular buzzword among cloud solutions. Public cloud providers will throw terms like “256-bit encryption” around, making their services sound pretty great. However, your data will only be encrypted like this as it is being transferred. In storage, it is unencrypted, and is therefore vulnerable. If your data were to be encrypted independently of the cloud, on the other hand, it would be rendered effectively useless to someone who didn’t have the ability to unlock it.
Understand Your Compliance Requirements
Different industries maintain different standards for the security of your customer and client data, in addition to the data privacy laws that are on the books. The medical field has HIPAA, and many businesses need to abide by PCI DSS. In order for you to use a service provider’s cloud solution to store your data, you need to confirm that it is compliant to the requirements imposed upon your industry by such regulations.
Practice Password Hygiene
While this is important to consider when leveraging a cloud service, any of your online activity should abide by the same rules. If you don’t repeat passwords across accounts, you can effectively limit the number of accounts that can be breached through one action.
Cloud storage and services is a growing industry, thanks to its low barriers to entry and huge potential profits. You need to make sure that you select a service that is fully protecting your data, not just the one that offers you the lowest price.
Coleman Technologies can help you with your cloud service needs, without sacrificing your security. To learn more, give us a call at (604) 513-9428.