High-profile hacks are in the news a lot lately and you’re understandably on edge about your internal data being compromised. You need to protect yourself from both external and internal attacks, however, you could still lose your data in a non-virtual way as well. Your disaster plan needs to account for both physical and virtual threats.
Virtual Threats to Data
This is the newest online threat to businesses and it’s taking over from most other threats. Since 2013 when CryptoLocker exploded on the scene in 2013, ransomware has become epidemic, ultimately costing an estimated $75 billion loss to small business due to downtime and the ransom payment total in the hundreds of millions of dollars in 2016.
Ransomware is where someone forces a business to pay up or lose their data forever. This is accomplished by getting you to click on an email attachment or a link that leads to a site that pushes ransomware code through your browser. Your key files (documents, audio and video) are quickly encrypted with a password that is basically unbreakable, and the criminals demand payment, sometimes more than one, to unlock it. Of course, you’re assuming that the criminals keep their word after receiving payment, most don’t.
Loss of Access to Cloud-Based Data
Cloud storage (basically someone else’s servers) are an amazingly beneficial way to share data between users and devices, however, you are relying on another organization to keep your data secure and available. The attack on Dyn that happened in 2016 caused Reddit to be down for a good portion of the day, so there’s no guarantee that cloud- based data will always be available 100% of the time. These attacks could also lead to data compromise or loss, too.
Physical Threats to Data
Theft and Loss
The actual theft of physical equipment is pretty tough to pull off, but it’s not impossible. Generally, as devices get smaller, they’re more vulnerable to theft as well as someone just losing them. Surprisingly, the theft of laptops and small items like USB sticks is common.
Fire is an obvious hazard, however, it’s usually how that fire is put out that is the secondary hazard, and usually the worst. Server rooms today come with special fire suppression systems that seal the room and deprive it of oxygen, but the rest of the building it just the same fire sprinklers as anywhere else. These old-fashioned fire sprinklers are going to ruin any devices that might be under them when they go off.
The location of your server facility could be a big threat to your equipment due to a natural disaster, and that needs to be taken into account. For example, California there is that possibility of the “big one” happening and that must be in the back of your mind. As well the Gulf Coast, where the warmer months mean watching for hurricanes and coastal flooding. Remember Katrina?
There is no ‘one size fits all’ solution but there is one approach that you should definitely work into your disaster plan, and that’s having backups of your local data as well as what’s in the cloud. You want a ‘snapshot’ system that backs up most, if not all, of your IT infrastructure, which makes automatic backups at frequent intervals, every few minutes is best. With this system, you can quickly restore your business back to functioning if you’re ever hit with a data loss.
Do You Know Why the CRA Uses a Profit Test for Business?
What is Income Splitting and How Can it Reduce Your Tax Bill?
How Can You Claim Expenses on a Business Loss?
10 Red Flags That Can Trigger a CRA Audit For Your Small Business
Self Employed? Do You Know What Your Tax Obligations Are?
What are Input Tax Credits?
Tax Strategies to Reduce Small Business Income Tax
Common Income Tax Business Deduction Myths