noelward
Well-known member
What do you do When the Dragons Come to Call?
By Noel Ward, Editor@Large
A few sips into the second beer many business owners will start talking about the things that crawl out of the dark in the wee hours and make sleep an elusive pursuit. You’ve probably attended a conference or two where “What Keeps you Awake” was a session that brought out all the fears, worries and concerns that haunt the darkness. For print providers one of the top concerns is data security, especially if you handle any type of sensitive customer data. This is not limited to shops handling transactional and financial information. While those are potentially more lucrative, consider the amount of information about your company and its customers that reside on your servers and back-up systems. Chances are you don’t want anyone getting at any of this information. Cyber-attacks can devastate a company.
These days you cannot be too careful. Security experts cited four questions about cyber-attacks that must be addressed.
This is something you need to do now.
The Cloud is not your friend
One illusion held by many print providers is that you are safe if you are in the “Cloud.” Wrong! Nice idea, but the Cloud is just a remote server someplace other than your IT room. While presumably well-protected against intrusion, the Cloud server can still be infected with a nefarious virus. Moreover, some problems may not appear until a file or application is loaded and used on your system/network. The only way to know for certain is to test in advance, and if you have more than one facility, be sure test from multiple locations. For instance, your facility in State or City A may be fine, but the same file being opened in State or City B may blow up. While you’re at it, be sure to test your ability for moving data and jobs from one location to another while looking for data breaches or holes in your security. Furthermore, if you partner with another firm work with them to be sure their system is also “clean” so you don’t infect each other.
To help keep intruders away, listen to what the pros tell you, such as daily back-ups to secure servers, and regular testing all measures of security in all locations. Some points to bear in mind:
By Noel Ward, Editor@Large
A few sips into the second beer many business owners will start talking about the things that crawl out of the dark in the wee hours and make sleep an elusive pursuit. You’ve probably attended a conference or two where “What Keeps you Awake” was a session that brought out all the fears, worries and concerns that haunt the darkness. For print providers one of the top concerns is data security, especially if you handle any type of sensitive customer data. This is not limited to shops handling transactional and financial information. While those are potentially more lucrative, consider the amount of information about your company and its customers that reside on your servers and back-up systems. Chances are you don’t want anyone getting at any of this information. Cyber-attacks can devastate a company.
These days you cannot be too careful. Security experts cited four questions about cyber-attacks that must be addressed.
- What do you do when the dragons come to call? It’s going to happen, so you need to be prepared.
- What are you doing to prepare for this? You must have a plan that you can implement quickly.
- Where can you seek help? You don’t need to have all the expertise in house, but you must have ironclad service agreements with IT and security experts who can guide you.
- How can you get back up (and how quickly)? This is not a restart-the-system problem. That can make things worse. Much worse. Some viruses are designed to fire up after a restart.
This is something you need to do now.
The Cloud is not your friend
One illusion held by many print providers is that you are safe if you are in the “Cloud.” Wrong! Nice idea, but the Cloud is just a remote server someplace other than your IT room. While presumably well-protected against intrusion, the Cloud server can still be infected with a nefarious virus. Moreover, some problems may not appear until a file or application is loaded and used on your system/network. The only way to know for certain is to test in advance, and if you have more than one facility, be sure test from multiple locations. For instance, your facility in State or City A may be fine, but the same file being opened in State or City B may blow up. While you’re at it, be sure to test your ability for moving data and jobs from one location to another while looking for data breaches or holes in your security. Furthermore, if you partner with another firm work with them to be sure their system is also “clean” so you don’t infect each other.
To help keep intruders away, listen to what the pros tell you, such as daily back-ups to secure servers, and regular testing all measures of security in all locations. Some points to bear in mind:
- Be thoroughly prepared to talk candidly about your business and security concerns. It’s OK to be ignorant. There are no dumb questions.
- Complete restorations—some of which may take hours or days—can also restore a virus, which arrives ready to pounce, putting you back to square one. To be sure, have your data security partner test restorations and the process used.
- Think darkly. Once the bad guys have the data, what do they have? For example, getting customers’ account numbers and other information can be bad and cost you customers. But suppose the bad guys collected your employees’ Social Security and direct bank deposit numbers?
- Be aware that some bad guys go after disgruntled employees to gain access to your systems. Those unhappy people may still work for you and you don’t necessarily know who they are.
- At a conference I attended a couple months back one printer pointed out that a $5 million cyber-attack insurance policy may not be enough coverage and may be the limit some insurers allow. Read the fine print!
- Speaking of cyber insurance, realize that not all claims are paid by insurers. Talk with an insurance attorney who is recommended by a trustworthy cyber-security company, so you know how comprehensive your coverage is.
- Once a data security process is in place, document everything so you will be able to not only know what to do if/when things go sideways, but also where to look for future problems so you can address them before they occur.
