SharePoint Saturday - October 28, 2017
UPDATE | 2017-07-18
Mark your calendars for the 6th annual SharePoint Saturday Ottawa! Microworks is pleased to continue our sponsorship of this terrific event.
SharePoint Saturday is a free day of presentations on a variety of topics related to all things SharePoint.
This is a free event, but you should register to help the organizers plan for the free breakfast and lunch.
Go to the SharePoint Saturday Events website to learn more and register. http://www.spsevents.org/city/Ottawa
New Security Assessment
UPDATE | 2017-06-02
Microworks is pleased to announce its next generation IT security assessment framework. We have broadened this very successful service to include:
- Network security
- Server security
- Physical security
- Email management
- Website, extranet, and intranet
- User devices
- System backup and recoverability
- User management and directories
All businesses are facing increasingly serious security threats, such as the recent global ransome-ware attack. Contact us today to learn more about protecting your information systems. Email us at firstname.lastname@example.org, or call 613.786.3200.
True Stories of Data Loss
UPDATE FROM KENDALL LOUGHEED| 2017-04-10
Being a 7/24 IT support provider for over 30 years, we meet a lot of new customers suffering an emergency. In most cases, a little more planning would have gone a long way to avoid the crisis in the first place. Here are some typical stories:
"We are moving to the cloud and we ran into problems. Now, we need to roll back until we fix the problem, but the backup disks and the old server seem to have the wrong information."
The bad news… External backups had an incomplete SQL Server dataset. Six months of history was nearly useless. The old server was erased by the cloud migration team.
"We were backing up to the cloud every day so we'd have an online restore point if we ever needed one. We've been hit with ransomware."
The bad news… The ransomware also encypted the cloud storage and you don't have any backup copies. Now, it's pay or lose everything.
"We accidently deleted critical information six months ago when we did our year-end processing. We only have one month of history."
The bad news… Your provider has been routinely overwriting your data history.
Here is my best advice. Define your data retention needs so you know what to keep and how long to keep it. Only off-site storage can protect you from fire, flood, or theft. Offline storage and lots of history will help protect against the encryption-malware bad guys.
Define how much you are prepared to lose and how long you can wait before recovering data. These are called recovery point objective (RPO) and recovery time objective (RTO).
Personally, I like tapes. They are a pain to manage but they can be stored and are resistant to physical damage. By default, I recommend a complete backup at least every day for a month and every month for a year, plus every year for 7 years. Better yet, define a retention schedule that meets your business needs, legal requirements and risk tolerance.
Malware and Online Security Threats
UPDATE FROM KENDALL LOUGHEED | 2017-02-17
Canadian businesses will soon be compelled to report cyber crime to the Office of the Privacy Commissioner of Canada. Compulsory and rapid reporting can help warn other potential victims whose identity and financial information are at risk. Cyber criminals collect lists of customers, credit card numbers, and personal information for later use.
Ransomware from email attachments is the biggest threat, preying mostly on companies that do not backup their files each day. Many companies simply backup to a single drive, not knowing they are still vulnerable. Victims are surprised, thinking they had adequate security from their anti-spam software.
Being a victim is harsh, humiliating, and expensive so it is no surprise that most crimes go unreported. It makes companies look incompetent. There will be potential liabilities to customers whose personal information was stolen. It's estimated that under 10% of companies now report a cyber crime.
Malware attacks are increasing, but so are the countermeasures. Top providers collect data from tens of thousands of sources then automatically publish the latest intelligence directly into email servers and vulnerable sites. Prevention can be minutes away.
Here is some quick advice.
- Be sure to use well established anti malware/spam providers.
- Install email gateway servers on the perimeter of your network.
- Make sure your firewall gets regular updates on vulnerabilities and malware sources.
- Make sure you have plenty of backup history on different media in different locations.