Your Data Breach Is Coming

“I’m too small to be a target.”
“They won’t get any money out of me.”
“They are only after the big fish.”
“I don’t have a budget for security.”

Ever said the above about your business when it comes to securing your data/network or planning your risk? You’re not alone. Millions of small business owners around the globe say that. The problem is that they couldn’t be further from the truth. As we see a rise in ransom-ware and cyber attacks, it’s the small business owners who are normally the easiest/first to get breached. Part of the problem is that when a breach to a small business happens, you normally don’t hear about it in the paper.  It’s time to take control of your risk and figure out your ALE (Annualized Loss Expectancy).

Why small businesses?

The answer is simple. Lack of security controls, no or poor backup routines, and the likelihood of them paying a ransom are why so many small/medium businesses are a target. It’s easy money for a ransom-ware attacker. Ransom-ware is a $1 Billion dollar industry according to 2016 numbers and 2017 looks to be a better year for them. It’s even spawned it’s own sub-market, Ransom-ware As A Service. Think about it. Would you pay $400 to get access to your data and keep your business going? Most business owners would say yes and this just fuels the business of ransom-ware.

Attackers are also going after small businesses in order to piggyback to bigger fish.  It happened with many major breaches. Target’s breach was due to an HVAC vendor.  Using the smaller, less protected business partners in order to gain access to more secure systems are part of an attackers repertoire and is actively being used in today’s modern world.

It Won’t Happen To Me

At a recent conference in Washington DC, EDC was part of a round-table discussion about security for the SMB market. With around 20 business owners and managers at this meeting, we were able to freely discuss breaches that we have come across. In total, we estimated that just 20 of us saw around $250,000 in ransom-ware payouts in 2016. The worst story was one of a 6 person health practice. After the ransom-ware payout and HIPAA fines, the practice was out $140,000 or almost 2 years of profit. This doesn’t include loss of business and the money spent on marketing to gain back lost patients. What was the estimated cost of implementing backups and security practices for this one client? $5,000.

Another story? One title firm was out tens of thousands of dollars on a wire fraud scheme that turned out to be part of an international hacking ring. It involved a breach at a bank and a mortgage lender from out of state. It was a very high level attack and the FBI stated the money was unrecoverable.

You know what those 2 attacks have in common? They both happened in south Louisiana.

What Can You Do About the Risk?

Expect that you will get breached and come up with a plan to limit your breach. Come up with a plan regarding how much you are willing to spend vs lose yearly due to cyber crimes. Look at the slide below:

Risk

This comes from the US Cyber Consequences Unit. They are a think tank from DC who assists the government with learning future attacks based on trends. Scott Borg basically said you should accept the risk of an attack and come up with a game plan to help lower that risk. At the end of the day, it’s spend money to save money/your business.  The ability to come up with risk and mitigate or accept it is crucial in today’s business.  That’s especially true with the connected world we do business in.

If you have any questions or want to talk more about your security liability, contact EDC and we will work with you on getting your network to an acceptable, secure level.

Virtualization For Your Business

Virtualization

With hardware becoming more robust, powerful, and affordable, the traditional way of having 1 server running per physical server is inefficient.  So what if there was a way to stretch out 1 physical server into multiple servers while still keeping the same performance?  That’s where virtualization comes into play.
While we won’t touch on the specific virtualization software such as Microsoft Hyper-V,  VMWare ESXi, or Linux VKM, having an understanding of virtualization and knowing that your business can benefit from it is still very important in today’s digital world.

What is virtualization?

According to Wikipedia, virtualization is:

“In computing, virtualization is a broad term that refers to the abstraction of computer resources. Virtualization hides the physical characteristics of computing resources from their users, be they applications, or end users. This includes making a single physical resource (such as a server, an operating system, an application, or storage device) appear to function as multiple virtual resources; it can also include making multiple physical resources (such as storage devices or servers) appear as a single virtual resource…”

If that doesn’t clear things up, don’t worry, it can be hard to grasp what virtualization does if you have never been exposed to it.  Let’s try one of my favorite analogies:

Me: When you go to Subway, you know how they have those six-foot party subs?

Other Guy: Yea

Me: Well think of the 6ft party sub as your typical physical server. Every time you have to deploy a new server, you have to order a six-foot party sub. When you go to Subway, do you order a six-foot party sub for lunch?

Other Guy: Well, no.

Me: Why not?

Other Guy: Because you would have a lot of wasted food.

Me: Exactly, so you would probably want five to 10 other people to help you eat that six-foot party sub so nothing goes to waste. With today’s hardware, there are a lot of wasted resources when you have to deploy a single physical server. Virtualization gives you the ability to have five-10 servers running on that one physical server concurrently so your resources aren’t going to waste.

So in essence, you are dividing physical resources normally reserved for 1 server (or server operating system) and provisioning them amongst several server operating systems.

Benefits of Virtualization
  • Better use of resources – A virtualized environment can utilize resources such as CPU, RAM, and hard drive space better than running directly on a physical server.
  • Availability – Fault tolerance can be implemented that would allow a guest operating system to failover quicker.  You can also use backup technology such as VEEAM to better prepare yourself for disaster recovery
  • Security – A virtual server can be sandboxed away from the network easier in the event of a data breach or security issue.
  • Isolation – Instead of putting all your eggs into one basket, you can isolate applications and services to prevent unnecessary downtime.

 

Is It Right For My Business?

It’s not an easy question to answer. For the most part, any size business can/will benefit from introducing virtualization into their environment. Can you separate your digital services such as email, LOB applications, and Office files onto multiple servers? Do you want those services to go down if one physical server dies?  If you’re first answer was yes and the second answer was no, then you are a candidate for virtualization.
Do you already have 3-4 physical servers? Do you wish that you could keep a service running if one of the servers went down?  Then virtualization would work for you.

At EDC, our VMWare certified professionals can help fit a solution to your business.  Our consultants have years of experience in building virtualized environments.  We can work to make sure you can be provided a level of resilience at an affordable price.

Meet The Team – Marcus Schexnayder

Marcus

If you are a client in the New Orleans area, more than likely you’ve spoken with Marcus before.  While in school, Marcus interned with EDC until his graduation from Delgado Community College.  Once he graduated, he was brought on full time.  Marcus has excelled at pretty much every challenge he comes across and we look forward to seeing him grow here at EDC.  We recently sat down with Marcus and asked him a few questions for this month’s Meet The Team article.

1.) Tell us a little bit about your past education and experience.

I graduated from Edna Karr High School in New Orleans in the Spring of 2013. After graduating, I attended the University of New Orleans majoring in Civil Engineering from Fall 2013 to Spring 2014. At first, I attended Delgado Community College in New Orleans majoring in Computer Information Technology from Spring 2015 to Fall 2016. On December 13, 2016, I graduated from Delgado Community with Chancellor’s honors. I worked at Rouses from Spring 2013 to Fall 2015 as a part time cashier while in school and full time in the produce department during the summers then as an intern for Enterprise Data Concepts from Spring 2015 to Fall 2016.

2.) What got you interested in the IT field?

When I first went to college, I was not sure which field I was truly interested in so I sort of just fell into Civil engineering because I thought it would be interesting. I decided that it was not a good fit for me and took a semester off from school to really think about a career path that I would actually enjoy, and knew would keep my interest. I have always been the in house IT guy for all of my relatives, and I also liked taking my video game consoles and iPhones to try to fix them myself. At this point, I felt that Computer Information Technology would be a good fit for me.

3.) If you could meet one person , living or dead, who would it be and why?

If I could meet any person, living or dead, I think it would be Jay Leno. I really love cars, and Jay Leno has around 130 cars so the opportunity to see and potentially test drive some of the cars in his collection would be amazing. I one day hope to own a 1970 Chevy Chevelle SS. He also seems like a genuinely nice guy and does a lot to give back to less fortunate people.

4.) What song best describes your work ethic?

I’d say the song that best describes my work ethic would be Unstoppable by Drake.

5.) What do you think cats dream about?

I think cats dream about drinking milk and one day catching Jerry.

 
I think the next question should have been what Jay Leno dreams about!  Marcus is just one  of many experienced consultants we have at EDC.  If your business is in need of a reliable and knowledgeable IT staff, please feel free to Contact Us.