Cyber Security and BIA – Preparation is the Key!

As part of the overall Disaster Recovery (DR) and Business Continuity Plan (BCP), organizations must look into certain time-sensitive factors and therefore put a thorough business impact analysis into practice. When implemented properly, this contributes to the overall success of an organization’s cyber security strategy.

As discussed previously, Business Impact Analysis helps a company decide exactly what needs to be recovered and in what amount of time. There are 2 different types of analysis that business planners take into consideration:

Quantitative Decision Making: Basically, this involves the use of numbers and formulas to make a decision. As a result, the data is often expressed in terms of dollar value to the business.

Qualitative Decision Making: This type of decision making takes into account non-numerical factors such as emotions, investor/customer confidence and stability, among other concerns.

The cyber security team in charge of BCP needs to assess all of the organization’s assets and then assign an asset value (AV) in monetary terms to each asset. The second quantitative measure the team must look into is the maximum tolerable downtime (MTD), also known as maximum tolerable outage (MTO). In a nutshell, the MTD is the maximum length of time an organization function can be inoperable without causing irreparable harm to the business. Overall, MTD provides crucial information when an organization is performing both BCP and DR planning. The Recovery Time Objective (RTO) should also be considered for each organization function. This is basically the amount of time in which you think the organization can easily function in the event of a disruption. Furthermore, the Recovery Point Objective (RPO) also needs to be taken into account, which basically tells the planner the point in time up to which the data needs to be recovered.

Overall, the goal of the BCP process is to ensure that a business’s RTOs are less than its MTDs, so that a business function is never unavailable beyond its maximum tolerable downtime. Man-made and natural risks also need to be identified. Besides the loss in monetary terms, other qualitative points of view need to be considered, such as:

1.) Loss of trust among your client base

2.) Loss of employees to other jobs after lengthy downtime

3.) Social and ethical responsibilities to the community

4.) Getting negative publicity

In conclusion, BIA can prove invaluable to the overall success of the organization. As a result, it can save an organization thousands and even millions of dollars when done properly. The security consultants at Silex Systems can guide an organization to meet its BIA and cyber security needs.
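The RTO-below-MTD rule from this post, as an added example (not code from the original post): a small Python audit of a BIA register that flags any function whose RTO is not strictly below its MTD. The register layout, the sample rows, and the recovery ordering (shortest MTD first, asset value as tiebreaker) are assumptions made for illustration.

```python
import csv
import io

# Constructed sample BIA register (not from the original post). AV in dollars,
# MTD and RTO in hours, one row per business function.
SAMPLE_REGISTER = """function,asset_value,mtd_hours,rto_hours
Order processing,2500000,8,4
Payroll,400000,72,96
Customer support portal,900000,24,24
Email,150000,48,12
"""

def load_register(text):
    """Parse the register and reject rows with missing or non-positive values."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        row = {
            "function": rec["function"].strip(),
            "av": float(rec["asset_value"]),
            "mtd": float(rec["mtd_hours"]),
            "rto": float(rec["rto_hours"]),
        }
        if not row["function"] or min(row["av"], row["mtd"], row["rto"]) <= 0:
            raise ValueError(f"invalid BIA row: {rec}")
        rows.append(row)
    return rows

def review(rows):
    """Flag functions whose RTO is not below MTD; order by tightest MTD."""
    findings = []
    for r in rows:
        margin = r["mtd"] - r["rto"]  # hours of headroom before the MTD is hit
        findings.append({**r, "margin": margin, "ok": margin > 0})
    # Assumed recovery ordering: shortest MTD first, higher AV breaks ties.
    findings.sort(key=lambda f: (f["mtd"], -f["av"]))
    return findings

def violations(findings):
    """Names of functions whose RTO is equal to or greater than their MTD."""
    return [f["function"] for f in findings if not f["ok"]]

if __name__ == "__main__":
    for f in review(load_register(SAMPLE_REGISTER)):
        status = "OK" if f["ok"] else "RTO NOT BELOW MTD"
        print(f'{f["function"]:<26} MTD={f["mtd"]:>4.0f}h RTO={f["rto"]:>4.0f}h '
              f'margin={f["margin"]:>+5.0f}h AV=${f["av"]:,.0f}  {status}')
```

An RTO equal to the MTD is flagged as well, because it leaves no headroom if recovery runs late.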

 

Business Impact Analysis (BIA) as part of your Cyber Security Plan

In one of my previous posts, I wrote about Disaster Recovery and Business Continuity and the steps individuals as well as organizations can take to overcome, not to mention reduce, today’s cleverly disguised cyber attacks.

Business Impact Analysis (BIA) should be a key part of the overall cyber security plan for any organization. Basically, BIA helps a company decide what needs to be recovered and in what amount of time. As part of BIA, an organization needs to identify its mission-critical functions and make sure they are prioritized.

All the critical functions of the organization need to be examined thoroughly to see how long the company can go without them before it faces significant financial losses, unhappy customers, substantial penalties or fines from regulators, and possibly lawsuits!

Furthermore, the organization needs to decide what its key functions are, and the technology associated with them needs to be classified based on recovery priority. Another crucial point to keep in mind is that the recovery time frame is based on the results of not performing the function.

The planner who is part of the Business Impact Analysis team would need to classify the low, medium and high impact areas as well as the time it takes before the impact is noticed.

The fact of the matter is that today’s organizations cannot function without data. The BIA team must take into account all kinds of data associated with the organization. This is also where Recovery Time Objective (RTO), Mean Time Between Failures (MTBF), Maximum Tolerable Downtime (MTD) and Recovery Point Objective (RPO) come into consideration. Stay tuned, as these will be discussed in future posts. As always, you may also call the security consultants at Silex Systems for further information.

Office 365 – What makes it so attractive to get your office tasks done?

Well, if you and your company are among the few who still have not migrated to Office 365 (the cloud version of Microsoft Office), then you may want to read along.

Microsoft has bundled most of its most popular applications under one login. These applications include, but are not limited to, Word, Excel, PowerPoint, Skype for Business, Yammer, OneDrive for Business, SharePoint, Outlook and MS Teams, just to name a few. On a side note, Skype for Business will eventually be replaced by Microsoft Teams, as Microsoft announced back in 2017. The exact date on which Microsoft will “pull the plug” on Skype for Business is still undecided.

Microsoft offers Office 365 packages in several different options. Email and storage are an essential part of Office 365, which is why Microsoft offers 1 TB of storage and 50 GB of inbox space as standard for the majority of its packages.

The IT professionals at Silex Systems can help you choose the right Office 365 package. There are several reasons why you may want to consider Silex Systems over Microsoft when purchasing your next Office 365 package.

We at Silex Systems have certified Microsoft professionals to help you through your entire Office 365 migration and onboarding journey. Furthermore, with Silex Systems you will get prompt support 7 days a week, 365 days a year, which may not be the case with Microsoft unless you choose its premium support option at extra cost. How did your last email migration go? We have several IT experts ready to migrate your data with no downtime. Best of all, migration and onboarding are free of cost to you.

On top of comprehensive support, Silex Systems also offers a 30-day money-back guarantee because we understand the importance of your satisfaction. As with most cloud-based applications, Office 365 can be accessed anywhere and on any device as long as there is an internet connection. Silex Systems is your one-stop shop for all your IT needs. Take advantage of feature-packed Office 365 today and take your office productivity to the next level.

Disaster Recovery and Business Continuity – Are You Ready?

It’s Friday night and you are having a nice dinner with your family at a fancy Italian restaurant when all of a sudden you get a call that the server room ceiling has been leaking, water has spread all over the floor, and the power is out. This is probably the worst news an IT Director or IT Manager can hear going into the weekend, unless they have a tested Disaster Recovery and Business Continuity plan in place.

The terms Disaster Recovery (DR) and Business Continuity (BC) are used together, and for good reason. Basically, DR is a set of plans and procedures to prepare for and recover from a disaster. From a Business Continuity (BC) perspective, anything with a negative impact on an organization’s operations and finances can be classified as a disaster. Overall, DR covers hardware and/or software failure, power malfunction, network malfunction, and physical as well as human error.

Let the truth be told. Disasters are bound to happen, whether in the form of tornadoes, hurricanes, earthquakes, floods or even fire. In other words, organizations worldwide need to have a plan in place to deal with potential natural or human-induced disasters. By following a few guidelines, organizations of any size can be well prepared before disaster strikes.

A well organized DR/BC plan can be formulated by following a few steps or phases. The first phase involves the following:

Phase 1 – Collection of Data

1.) The entire DR/BC project should be put together including a timeline, expected output and resources.

2.) Business impact analysis needs to take place regularly

3.) Risk assessment needs to happen quite often as well

4.) Both Onsite and Offsite backup and recovery procedures should be reviewed

5.) Other locations need to be chosen and ready for use

Phase 2 – Plan, Develop and Test

1.) All the data needs to come together to develop a disaster recovery plan

2.) The newly formulated plan needs to be tested

Phase 3 – Monitoring and Maintenance

1.) Maintenance of the new plan through updates and review

2.) Inspection of the disaster recovery plan on a periodic basis

3.) Document all the updates and changes regularly

The disaster recovery and business continuity planning professional must involve senior management at the early stages of DR/BC planning, since they approve all the necessary steps as well as the budget to make this happen. They also bring on board department heads from other units within the organization to discuss mission-critical functions, business processes and strategies to recover from disaster.

Furthermore, the following issues need to be taken into account when formulating a disaster recovery strategy:

1.) Allocation of funds (Budget)

2.)  People and physical facilities (Resources)

3.) Stance of senior management on risks

4.) Vendors and suppliers

5.) Data

6.) Technology

Overall, major breakdowns as well as loss of revenue can be minimized or even avoided by putting a well-thought-out disaster recovery and business continuity plan in place. We at Silex Systems have a team of disaster recovery professionals who can help your organization achieve its business continuity objectives and devise a robust disaster recovery plan. Call us to schedule an appointment today!

Cyber Security – Mitigating Risks

To see how serious cyber threats have become, all we have to do is look at the timeline of attacks that have taken place around the globe over the past 5 years. Computer viruses, malware and hacking attacks have become more complex and more difficult to anticipate.

The numbers are staggering. The number of reported incidents has skyrocketed from around 5,500 in 2006 to over 48,500 in 2012, according to US-CERT.


So what can organizations do to better safeguard their networks? As emerging technologies such as cloud computing, mobile and big data become more widespread, it is imperative for organizations both small and large to formulate a strategy to minimize the risk of such attacks. Here are some guidelines:

1.) They can start by collaborating and developing secure information sharing.

2.) They need to implement real-time awareness to determine different types of threat levels and risks.

3.) Within the organization, they need to define clear usage policies for data access and ownership.

4.) More often than not, they need to review as well as test systems to assess vulnerabilities.

5.) Organizations need to train their staff as well to understand compliance requirements to keep systems secure.

According to the Ponemon Institute’s 2013 Cost of Cyber Crime study, on average a company in the US suffers more than 100 successful cyber attacks each year at a cost of $11.6 million. That’s an increase of 26% from 2012.

The good news is that the study further showed that companies that implemented and were enablers of security technologies reduced losses by nearly $4 million. Furthermore, companies that practiced good security governance reduced costs by an average of $1.5 million.

The security professionals at Silex Systems can help your company plan a strategy to safeguard its data assets against cyber threats. We at Silex Systems can provide a total turnkey solution based on both the latest hardware and software. Call us today and sleep stress-free tonight!

IoT – Connected Devices and Security

At this point, one can only imagine what life would be like with self-driving (autonomous) cars on streets everywhere. Let’s not forget all the devices, including home appliances and electronic items, connected via the internet and passing information to one another. Together known as the Internet of Things (IoT), all these connected devices are supposed to make our lives more efficient and automated while being more economical.

But with the added benefits of automated homes and offices comes the downside of these devices getting hacked and bringing down the rest of the network with them. Cyber security companies are rushing to bring products and services to market to address these vulnerabilities. Even the IoT device manufacturers send out patches for protection, but very few folks actually apply them. There has to be a better way, a standard that can protect these IoT devices from external threats.

The fact of the matter is that most manufacturers of these IoT devices intentionally allow remote access for patching, administration, upgrades and bug fixing, just to name a few. Most users of these devices, on the other hand, do not know about these backdoor vulnerabilities.

The manufacturers of these devices, along with security companies, are trying to find different ways to better protect as well as update these devices. Firewalls are not just for offices anymore. As more and more home appliances such as CCTV cameras, TV sets, washing machines and refrigerators get connected to the World Wide Web and become available “online” in addition to laptops, iPads and smartphones, placing SOHO (small office/home office) firewalls would be a good start to guard against these ever-evolving cyber threats. Talk to the professionals at Silex Systems to get a free assessment of your home and office networks against cyber threats today.

Cyber Security – Time to Act Is Now!

Just stop what you are doing and think for a second. Basically, security is defined as the state of being free from danger or threat. In a similar manner, having a well-thought-out cyber security strategy gives a person, or an organization for that matter, the confidence to conduct tasks and the edge to succeed in a fast-changing global environment.

Today’s organizations, no matter what size, require a proactive, “real time” approach to constantly assess, analyze and fight the new cyber threats emerging every day. Gone are the days when organizations would wait for threats to appear and then take appropriate action based on them. World-class cyber security companies, in partnership with local governments, have set up cyber threat monitoring centers that are constantly scanning web traffic. As a result, organizations are better prepared for cyber threats even before they strike.

Due to a spike in cyber threats in recent years, whether related to computer and/or network intrusion, ransomware, corporate security breaches, spear phishing or social media fraud, former President of the United States Barack Obama issued Executive Order 13636, “Improving Critical Infrastructure Cyber Security”, in February 2013. Basically, this Executive Order established United States policy to further improve its critical infrastructure and to maintain a cyber environment that promotes creativity, efficiency and economic well-being while at the same time supporting safety, security, business confidentiality, privacy and civil liberties.

As more and more devices are connected online and vast amounts of data, both confidential and otherwise, are moved to the cloud, it is imperative for organizations as well as individuals to start re-assessing the cyber security infrastructure they have in place. As cyber security professionals who have dealt with such threats for the last 20 years, the team here at Silex Systems can provide you and your organization with customized hardware- and software-based solutions to meet every budget.