So You Got Breached: The Real Cost of A Data Breach & How to Protect Yourself

No matter the size of your business, trust between your company, your employees and your clients is paramount to a successful organization. That trust extends beyond the trust that your employees will get their checks on time. It goes further than your clients and customers trusting that your products and services will be delivered on time. It even goes beyond the trust that they will receive an amazing experience with your product or your service. They trust that their most confidential information is safe in your hands. They give you access to everything from their social security numbers to their credit card information and even their medical and legal records. When that data, their most personal information, is compromised, it’s not just losing some passwords and credit card information or some medical diagnosis, it’s losing the trust your clients and employees have placed in you. Not only are we going to explore the true cost of a breach, but we are also going to give you a few tips and solutions to ensure you maintain the most valuable contract you have with your people, the contract of trust.

Unless you have a dedicated partner in cyber-security, such as Delval Technology Solutions, or an in-house cyber-threat specialist, chances are you are waiting for something to break before you fix it. You are going about your day-to-day operations and then you get a call from accounting telling you they have noticed some abnormalities. Your employees are alerting you to strange emails or your third-party authentication is sending you notifications that someone is trying to log on from unknown devices. These are just a few, albeit smaller examples of red flags you may see to let you know of a possible breach.

IMMEDIATE COST

From there you have to hire professionals to determine the scope of the breach Hiring a Cyber-Forensics-Investigator to determine the true nature of the attack can cost you between $10,000 to $100,000 alone! It’s not just hiring an investigator to deal with the breach that will cost you money, the loss of productivity is a huge hit also. The average time to determine the nature of a breach, and this is for billion-dollar industries that are flush with resources is 197 days. On top of that, the average amount of time to address and seal the breach is 69 days. That’s 266 days from beginning to end. In dollars and cents, 266 days can cripple or bankrupt your business depending on the nature and severity of the breach. You are familiar with the phrase “What they don’t know can’t hurt them.” In the case of a data breach, it can hurt you. There are strict laws regarding disclosing a breach to your customers and to the authorities. Just like any other laws, there are fines and penalties that are associated with failing to disclose a breach in time that can cost your business tens of thousands of dollars. On top of that the notification process is a timely and costly one. On average the cost of notifying your customers of a breach is over $700,000. Now you may see this number and say “Well that’s an average and I’m sure it’s offset by massive companies spending millions. What about my small to midsize business?” While you are correct that these huge corporate entities do skew these numbers, it can still cost you tens of thousands of dollars to notify your customer properly of a breach.*

LONG TERM COST

The long-term damage of a breach, and more importantly a slow and incorrect response to one, isn’t just finding and fixing the issue at hand. It’s dealing with the damaged reputation in the marketplace. Oftentimes, while not immediate, the long term consequences can cost you dearly. According to a report by Comparitech*, which compared 40 companies stock prices before and after reporting a breach, the effects are lasting. They found the companies value decreased by 3.5% per share and underperformed Nasdaq by 3.5% in the first 110 days, 8.6% and 8.6% after the first year, 11.3% and 11.9% in the second year and 15.6% and 15.6% in the third year.

THE HUMAN COST

The biggest loss that you could experience due to a data breach isn’t a financial risk, it’s a human risk. You could lose your trust with you customers, your investors and your team. Not all of the trust they have with you is whether they get paid fairly and on time or whether your product or services work. This is their trust that their confidential information they entrusted you with will be safe and confidential. That is the kind of trust that is the most difficult to rebuild. Identity theft can destroy lives, and the thought that the bad guys could get their hands on their social security card numbers, credit card numbers, home and personal email address and passwords is scary. The fact that in their minds it happened because they trusted you with their information is scary enough to send them straight to your competition or in the case of your employees back to the job market.

PROPER TRAINING

While improper security protocols can cause breaches that can crush your business, proper protection and protocol can save, time, money and more importantly, your reputation. Your employees are the first line of defense. Train them and educate them as to what to look for in case of a breach and have a plan of action in case they come across one. Companies, such as Delval Technology Solutions, offer monthly employee training on cyber-security measures to ensure that your team knows what to look for and what to do.

A PROPER ASSESSMENT

Having a trained eye assess your system is a key component to proper security protocols. It’s just like when you were buying that diamond for your spouses engagement ring, you went to an expert who knew what to look for to make sure you were getting your moneys worth. This time you are making sure you have an expert to take an in-depth look at your system and testing it so you know where you are vulnerable and how to strengthen your weaknesses.

PROPER TOOLS

The technology you use, from hardware to software, can make a big difference in your security as well. You want to ensure that all of your programs are updated, as these updates don’t only fix glitches, but they also patch holes in the software that can lead criminals directly to your data. Multi-factor Authentication sends a call, text or email to the person trying to log into your system to ensure that the right person is accessing it and is an amazing tech tool to help protect you against vulnerability. Employing automated security systems allows you the benefit of a system that utilizes machine learning. This not only cuts down on human error, but it also frees up your IT partners and professionals to focus on the bigger issues at hand.

A PROPER PARTNER

I know these last one’s seem a little tech heavy and chances are, you aren’t a technology expert. Your expertise lies in running your business, not securing your network. Therefore the best thing you can do to keep your data safe is aligning yourself with a strong Managed Securities Solutions Provider (MSSP) like Delval Technology Solutions. With a strong MSSP partner, you have a team of experts monitoring your system in real time, using state of the art threat assessment technology. If you have IT personnel, anMSSP can enhance your IT guy into an IT team, giving you an edge in protecting your network, staff and customer’s data. Navigating the waters of technology can be treacherous, and a breach in the hull and holes in the boat can sink your ship. However, following proper practices and having a trusted team, their technology and expertise on board can help you fill the holes, protect against breaches and help you captain the ship that is your business to the promised land.

https://www.comparitech.com/blog/information-security/data-breach-share-price-analysis/

https://www.varonis.com/blog/data-breach-response-times/


Cyber-Security and Covid-19: Protecting Your Business in the New Normal

Covid-19 has changed the world as we know it. It has also reshaped the business world into one that exists just as much digitally as it does in traditional brick and mortar form.

With new territory comes new problems, and cyber security is not immune from this. What are the biggest cyberattacks hackers are employing in the age of

Covid, and more importantly, how do you protect your business and your data from hackers and their cyber threats? The pandemic that is Covid-19 has altered the way Americans and the world do business, and experts are speculating these changes may be permanent. In 2020 over 50% of businesses migrated from the office to the

cloud. Of those 50% over 70% of business owners say they will continue to allow workers to work remotely after the pandemic*. This has to do with what

employers are seeing as an increase in productivity and allowing businesses to pull human assets from all corners of the earth. On top of this E-Commerce has

seen a whopping 30% boom in business across the board, with many E-Commerce companies seeing record profits in 2020*.

With new opportunities for businesses however, there are also new opportunities for hackers and cybercriminals to wage potentially

crippling cyber-attacks on both businesses and individuals. Social Engineering attacks are on the rise. What is a Social Engineering attack? Simply put it’s

an attack that uses your employees, procedures and protocols to hack into your company’s system and steal your most valuable asset, your company and customer data.

What is Phishing? What is Spear Phishing?

In the age of the Coronavirus, many employees are working from the cloud. This means that they are not within shouting distance of their fellow coworkers, making it more difficult to double check who sent what. At times, cyber-attackers disguise themselves as IT workers. They will call, text or email employees claiming an issue with immediate urgency is occurring, and you must click this link or download this software to rectify the situation. In fact the Manor School System in Texas was hit with a phishing attack that cost them over 2.2 million dollars! Phishing attacks fish for inform by tricking your employees into opening emails, clicking links, or answering text messages plagued with

ransomware, spyware or other harmful software aimed at stealing information and gaining entrance to your system. Spear Phishing, which is a more targeted

approach, disguises the cybercriminal as a trusted staff member or affiliate and utilizes similar phishing techniques, to obtain data crucial to your business. In 2020 alone, a 600% increase in Phishing attacks was reported*. The CDC even went as far as to release a press release warning citizens and

companies of Covid-19 related phishing attacks.  These attacks would disguise themselves as vital information about Coronavirus, the stimulus, the WHO and other hot button issues, with dangerous consequences to anyone.

Nothing is To Big To Hack

No one is immune from these attacks. In the past year, cyber-attacks on banks have continued to climb by 238% since 2019*. In fact, the average ransomware payment went up by 33% to over $111,000! Think for a minute what a $111,000 hit would do to your business. Earlier this year the DarkHotel hackers attacked the World Health

Organization (WHO) and the Gates Foundation, leaking thousands of emails and logins to the Dark Web. Major companies were proven to be more vulnerable than they

expected this year as well. Nintendo suffered a breach that exposed information for 160,00 users of their Nintendo Online platform. Mitsubishi had blueprints

for a missile, yes, a missile, stolen from them in an attack. EasyJet, a UK airline had a breach that cost them billions of dollars in lawsuits and almost

killed the company completely. T-Mobile and Marriot were both hit with attacks that leaked thousand of employee and millions of customer email credentials.

MGM Resorts had 142 million guest accounts exposed. What do Canon, University of Utah, University of California SF, a German hospital, a Nevada school district

and Barnes & Noble have in common? Ransomware attacks that cost them millions.

The federal government was hit with what analysts are calling the largest coordinated cyber-attack in history. Solarwinds Orion was targeted with malware disguised as a software update in March to June of 2020. What makes this even more notable is of the 18,000 customers that fell victim to the attack, most were in the government sector including the US Dept. of Energy, Dept. of Homeland Security, the United States Post Office, the Treasury Department and the Pentagon. According to leading digital security firm FireEye, the attack was coordinated to exploit high profile users and included technology, telecom and consulting firms in the US, Asia, Europe and the Middle

East. Even more concerning is that this attack spanned 3 months and wasn’t even discovered until months later. FireEye is perhaps the leading tech security firm in the

United States and is employed by many top groups in both the public and private sector. Yet even they are susceptible to attacks from malicious actors.

According to an article in the New York Times, FireEye revealed that its own systems were pierced by what it called “a nation with top-tier offensive

capabilities.” The company said hackers used “novel techniques” to make off with its own tool kit, which could be useful in mounting new attacks around the world.

How do you protect yourself and your business from cybercrime?

Now I know what I just told you sounds downright terrifying. “Let’s be real here,” you may be thinking “if the government, MSP’s, security firms and billion-dollar industries are being hacked, attacked, and extorted, protecting my business is hopeless isn’t it”. Well, I’m pleased to tell you it isn’t. Cybercrime will never go away, but that doesn’t mean that there aren’t potent measures to combat it. It is key to remember that these hackers and cybercriminals are for the most part opportunists. The same way if you leave an

open window in your home you are more prone to a break in, if your passwords for everything is 11111111, you are more prone to being attacked. Your passwords are your first line of defense. When dealing with attacks such as credential stuffing, hackers are taking one username and password combination they have and attempting to use that combination on every other account attached to that person. Also, they can take information from employees’ social media, be it a pet they show off on FaceBook, or talking

about their Alma Mater on Linkedin to glean information that will help them crack a password. By using varied passwords, randomly generated passwords, and

avoiding personal information in passwords, you can help close the door on random cyber-attacks.

Proper security training for staff is also a key. For example, we at Delval Technology Systems provide our customers with monthly cyber security training. This helps keep your employees on their toes and helps them recognize and avoid attacks. A company’s data are not only assets to the company themselves, but to the staff as well. By training your employees to act as “human firewalls”, you have a fantastic defense system against social engineering attacks.

In the age of unified communications, in which companies employ all facets of telecommunications, it is important to have a staff that is knowledgeable of these threats and how to protect against them, wherever they may come from and whenever they may occur. A great tool to employ in the unified communications era is multifactor authentication. This is an added layer of protection and serves as a secondary identification process to prevent unauthorized address to systems

and accounts. This can come in the form of an identification email, text message or phone call. This ensures that the person using the credentials is

the actual owner of those credentials. For those companies that have migrated their workforce to the cloud, a secure VPN is paramount to keeping your network safe and secure.

“What is a VPN?”

A VPN is a Virtual Private Network, a secure connection between two networks that is made over the public internet. Think about it as a

reinforced tunnel to keep your data, traffic, and IP hidden from the rest of the internet.  Utilizing a VPN is akin to a Jedi employing a forcefield to shield ships from attack.

Finally, the absolute best way to protect your network and your data from hackers and their cyberattacks is to invest in Managed Security Services. Simply stated, managed security services gives your business access to top security technology and a team of experts that monitor your systems and protect you from attacks before they happen. Cyber Resiliency is a term you may hear a lot, and by employing a Managed Security Services company such as Delval Technology Solutions will make sure that not only are you prepared to face any threats that may come your way, you can also ensure that if something slips through the cracks, your business can minimize losses and get back to work

fast. The world of technology can be a scary place, but it doesn’t have to be.

With proper training and support, the kingdom that is your business can become a highly fortified fortress, protected from the marauding bands of raiders that are hackers and other cyber criminals. Contact DelVal Technology Solutions, named top 10 in Cloud Security by Enterprise Security Magazine two years running, for more information and protect your business, your data, and your customer’s data with our best-in-class services.

*1- https://www.wandera.com/statistics-on-remote-working-during-covid-19-lockdown/ *2- https://www.digitalcommerce360.com/2020/08/25/ecommerce-during-coronavirus-pandemic-in-charts/ *3- https://www.forbes.com/sites/simonchandler/2020/11/25/google-registers-record-two-million-phishing-websites-in-2020/ *4- https://www.cybertalk.org/2020/08/11/is-it-fiscally-responsible-for-financial-institutions-to-spend-a-small-fortune-on-cyber-security/


I Got A Guy: Co-Managed Solutions and Your Business

“I got a guy”, we’ve all heard it, we’ve all said it. When it comes to services we need, from a mechanic to a painter to your business IT support, we all got a guy, or have a friend whose got a guy. However, let’s really explore that, because one person may be a point of contact or the main person, but rarely ever is the only part of the equation. Your mechanic has his team, your IT guy or gal should be no different.

If you were building a house, and one person showed up with no backup and said “Ready to work boss”, your immediate response would be “This is a big job, where is everyone else?” Managing your network and protecting your business’s data is a big job. Your network keeps you up and running, and your data is as valuable as anything else in your business. Proper management can turn your business into a stalwart, improper management can cripple you and your customers.

SPECIALIZATION

Think about it like this, you fell off your bike and are pretty sure you broke your arm. You show up at the hospital and they say to you “We only have one doctor on staff, his specialty is podiatry.” You would then go to another hospital that has a team of specialists on hand. That isn’t to say this single doctor is unqualified, he just doesn’t have the tools or backup needed to properly handle what you are dealing with. He’s just one man. Now think about your IT tech. They are just one person dealing with tens to hundreds of computers. They are a specialist in about one or two things, in a field that covers dozens of specialties. A co-managed IT solution allows you to keep your existing IT professional while empowering both them and your business by backing them up with a team of experts.

SECURITY

Your system security is essential to your business. Think of it as war. You have enemy combatants trying to break into your system every day, attempting data theft, trying to access your infrastructure, and use your business to their advantage. Hackers are a formidable foe, and you need to fight fire with fire. With a co-managed solution, like the one offered by DelVal technology, you get the best of both worlds as your defense team. Your in-house IT specialist will be able to lead an army of security specialists in to battle with cyber attackers to keep your data and infrastructure safe. Defending the castle is more than a one-man job, and it isn’t fair to you or your IT personnel to make it one.

SERVICE

A lot can happen to one person to put them out of commission. Illness happens, family emergencies happen, and people leave. If that person is your onsite technician, the consequences could be devastating to your business. The man-hours lost, the confusion, the maintenance, and the risk associated with not having someone at the helm of your system is more than your business can afford. With a co-managed system, you have back-up in case of catastrophe. Your co-managed partner can step in to ensure that your data and network don’t fall to the wayside, or worse, if your guy or gal goes MIA. If you need to hire a new IT professional, your Co-Managed Solutions Provider or CMSP can make the transition smooth and seamless.

ACCESS

Technology changes at the blink of an eye. When it comes to keeping up with the times, your company’s IT department has limitations. Learning new technology takes time to learn, which takes time away from that person, that single person, managing your network. New technology, more so than anything, is expensive. In that sense, think of a Co-Managed system as a timeshare. With a timeshare, you pay a small portion of the fees for the property but have access to it a few times a year. With co-managed IT, you gain access to your CMSP’s technology, pairing it with your own to give you a timeshare approach to your technology and saving you tens of thousands of dollars a year. Even better, you don’t only get it a couple of times a year like you do with a timeshare, but have the technology working for you when you need it! As your company grows, so will your technology needs. The potential issues you can run into are abundant, and the anxiety and frustration that come with these hurdles can divert your attention away from where it matters, your business. With a Co-Managed approach, you and your IT personnel get a partner that helps you through the growing pains and helps you realize your business’s potential without having to break the bank on new technology.

COST

Think about your IT guy. Now think about how much it would cost you to have two, three or four of them depending on your needs. What if, however you can get the IT team you need without having to break the bank. With a Co-Managed Solutions Provider, like Delval Technology Solutions for example, you get a full team at your disposal for less than adding just one in house IT professional. You will reap the benefits of increased security, productivity, and growth potential at a fraction of the cost of adding a team of specialists to your payroll. Plus, think of the renewed vigor of your own IT person knowing they have coverage when they need it, and specialists to complement their specialty.You got a “guy” for your car repairs, a “guy” for your house repairs, but even they have a team behind them. You have a “guy” for your IT, you are loyal to them, you know them, you trust them. But what if one guy is not enough. That is where a Co-Managed Solutions Provider like Delval comes in. You get to keep your “guy” and give them the tools and backup needed to optimize your businesses technological potential. This helps you bring in more revenue and focus on satisfying your customers, at a fraction of the cost.


4 Ways to Increase Employee Engagement for Remote Work

Every type of organization faced challenges in 2020. Although there have been some difficult issues for most businesses in the last year, the best organizations learned many valuable lessons from the experience. Many successful companies have focused on employee engagement, which is one of the most critical factors in overall organizational success.

Why workforce engagement? A motivated remote workforce means increased productivity, better work quality and enhanced collaboration. When workers are motivated, they are happier. When they are happier, they produce their best work. Employee engagement is also directly linked to your company culture and your employee retention rate. This article will discuss how you can increase employee engagement even when your team is working from home. For more insight into remote work engagement, download the Ultimate Guide.

Start with the Basics

Organizational success begins with people, processes and technology. To address work-from-home motivation, first, you need to focus on the fundamentals

People: What challenges do your workers face while working remotely? Most feel isolated. They think that they don’t get recognition for their hard work. It can also be a struggle for them to stay in touch with their co-workers. Make sure that your remote workforce feels valued. Be sure to keep regular contact with them. Reward them when they do a great job and provide them with the resources they need to succeed. When you focus on your people, you will build a great company culture and keep your team happy and motivated.

Processes: Working from home offers more flexibility to employees, which is the single best perk to this work arrangement. With that said, there still needs to be a framework in place for how your business operates. Establishing remote work company policies ensures everyone is on the same page. Start with a working document in the cloud and update it when needed. Setting guidelines for remote work establishes order and helps your team avoid burnout.

Technology: If you want to increase team engagement, it begins with communication. With the right collaboration tools, your team can be in constant contact. This will help them collaborate on projects instantly, improve their workflows and access everything they need to work from anywhere. If you want to motivate your team, you need to provide them with the best resources to achieve company objectives. 

Once you have done these three things, here are five additional ways you can increase employee engagement.

Related: Are You Investing in the Latest Tech? Read More

1. Give Them the Best Tools

As we mentioned above, the technologies your team uses will directly impact their level of engagement. With a complete collaboration solution like Microsoft 365, your team will work smarter and faster in a shared workspace. Companies can communicate instantly in Microsoft Teams. They can synchronously edit in Word documents. They can access and share files through the cloud and work towards deadlines thanks to a project management tool. With the latest technology, the way remote teams work together is changing, so give your team the best tools to do their best work.

Related: Bolster Communication with the Right Tools? Read the Blog  

2. Pay Attention to Every Employee

Most employers believe that their remote team doesn’t want to be bothered by management. The truth is that most remote workers feel disconnected from their team and their supervisors. There are several ways you can show your team that you are invested in them even when they are out of the office. Set up one-on-one meetings through a video conferencing application. Send them prerecorded personalized messages thanking them for a job well done. Give them rewards through your HR platform or a rewards program like Bonusly. Company culture has never been more critical than it is today. 

3. Host Social Events

Even when your entire workforce is working from home, you can still have a fun office environment. Communication tools can increase productivity, but they can also offer several fun and unique ways to engage in team-building exercises together. With video conferencing tools, you can host lunch-and-learns, office happy hours, holiday parties or coffee breaks. Take these virtual social events to the next level by sending everyone a gift card to use for the event. There are endless options to increase engagement outside of the typical workday. Let your team choose an activity and then put their plan into action.

Related: How Does Your Remote Team Collaborate?

4. Help Them Grow

Successful companies create a culture that fosters continuous development. With the right coaching and training initiatives, your workforce will build the skills they need to do their best work. Furthermore, your organization will benefit because your employees know that you believe in their potential. Fortunately, with the right technologies, you don’t need a huge budget to develop meaningful training programs for your team that increase engagement. Create training courses and offer e-learning programs in your cloud platform. Encourage your employees to create cross-training videos. Promote professional development courses and reward your team for obtaining credentials.

How an MSP Can Help

Technology will continue to play a crucial role in employee engagement for years to come. Whether your team is in the office, working remote part-time or all the time, the smartest companies will continue to find ways they increase productivity, improve work quality and deliver the best client satisfaction they can. A driving force to accomplishing all of these things is workforce motivation. Download the Ultimate Guide to Empowering Your Remote Team and learn how to increase employee engagement today.