Month: July 2019

An Opportunity for Community Banks and Credit Unions

The ability to effectively distinguish themselves from their national big chain counterparts has been the rallying cry for most community banks and local credit unions. And if the reports of market share losses over the last two years are any indicator, it’s a battle that most are losing.

The ugly truth is, your customers will likely have to walk or drive by three to five national bank branches to get to yours; so, you better have something truly special to give them a reason to ignore all of the glitz and glamour your much better financed counterparts have to offer.

From the website www.thefinancialbrand.com, come the following insights

• Consumers are worried about their financial health across virtually all demographic segments. For many, this may mean living paycheck to paycheck or worse.
• Unsatisfied with offerings from their primary financial institution, most consumers rely on a hodgepodge of paper and digital tools, from monthly statements to electronic tracking tools available online and on mobile devices. There is a need for better options that are real-time, consolidated and easy to use.
• Security options top the list of desired tools for managing finances and protecting identity.
• As consumers become more aware and comfortable with digital apps across industries, they are more comfortable with digital banking solutions, opening the door for organizations that can provide integrated financial wellness applications.

And this is where community banks and credit unions can take advantage of the significant opportunity the AI-based financial wellness tools and cutting-edge security solutions can provide them.

Most key to these solution offerings are proactive tools that provide financial wellness insight to the customer as well as alerts and notifications regarding when bills are due or potential cash flow challenges that are based on past spending and income trends.

Consumers are demanding less cumbersome and time-consuming budgeting tools. Instead of reporting that is solely based on past transactional history, present-day AI solutions are capable of crafting highly personalized customer experiences and targeted financial guidance which is based in real-time, is contextual and forecasts rather than simply reports.

And these are offerings that even the 500 pound gorillas in the marketplace are slow to offer. Today more than any other time in our history, community banks and credit unions must heed the sage advice so many of us have heard in the past.

Innovate or die.

Let me start off by saying that I am supremely confident that data backup and recovery for your business is not exactly at the forefront of your daily concerns.You have clients, patients, and customers to satisfy.  Inventory to manage, bills to pay and operations to control.  Your day to day business operations take up every moment of every day and there is little room to be proactive about anything.But…data backup and security is a lot like flood insurance.  You don’t really give it much thought until the coastguard pulls up to your front door in an inflatable zodiac to rescue you.

And while I am at it, I am willing to bet that if you DO experience some catastrophic computer/network disaster, you are going be REALLY concerned about getting your data back.

Systems will be down, clients won’t be getting serviced and you are going to be giving serious consideration to day drinking at work.  And if there is a problem with restoring all that data, and YOU were responsible for backing it up, let’s just say you won’t be the most popular kid in the lunchroom.

And because the only way that I am going to be able to get you to take this seriously, here are some scary statistics to ponder.

1. 20% of all small businesses will be hacked within a one year’s time period.  Yep, one in five.
2. Of all the companies who suffered a critical data loss for more than a week, 93% declared bankruptcy.
3. Do you manage your own network?  40% of you will have it accessed by a hacker. And half of you won’t even know it happened!
4. Almost a third of all targeted attacks are deployed on companies with under 250 employees.

Now at this point, you might be thinking to yourself…” Hey pal,back off with the spooky disaster statistics.  We do backups.”

But my question to you is HOW do you perform them and HOW OFTEN?

I remember my first job was working for a veterinary hospital and the office manager at the time would perform system backups once a week on tape.  Then she would take that tape, stick it in her purse, and take it home until it came time to perform another backup.

Now, for 1989, this wasn’t a bad system, despite the myriad of things that could have gone wrong.  Like, what if the backup didn’t work (we never tested it)?  Or what about all the data that we collected in the six days between backup sessions?  Were we just ok with losing all of that?

Today, we have a variable cornucopia of options when it comes to backing up and securing our critical I.T. data.  From multiple/redundant external drives to cloud solutions, we have come a long way from taking a data tape home in our purses.

Andbecause each business’s data and I.T. environment is different, it is wise to talk to a professional firm who can assess not only the best service or tool, but the procedures and policies that will hold your shiny new backup system together.

InfoLink works with multiple vendors to provide just the right solutions that are tailored to your specific business and needs.  No cookie cutter fixes here.

And the best part is…we can actually SAVE you money on your solutions, not cost you more.To schedule a free evaluation of your systems and get answers on how to protect

them with iron-clad confidence, reach out to us today by visiting us at infolinktechnologies.net

As soon as I start talking about computer security, data breaches, and malware to small business owners, their eyes inevitably glaze over and their facial expression tells me one thing.

I know this is important, but I am too busy dealing with today’s challenges to worry about what MIGHT happen…

Hey, after all, this kind of thing only happens to the big companies, right?

The fact is, businesses large and small, from big retailers to small town chiropractors are being attacked. And it isn’t until your business has ground to a halt that you start to wonder why it happened and what the heck you are going to do minimize the damage.

Just for a moment, ask yourself these questions:

1. If you suddenly lost all access to your databases (customer info, transactions, etc.), how would that impact your business?
2. How would your customers/clients react to the news that you exposed their sensitive information to an outside source?  Oh, and BTW, you had no idea who it was or what they would do with it?
3. You no longer controlled your network and all sales functions came to a grinding halt, how many hours/days of that could you sustain before the damage was permanent?

The reality of computer security is that once you are a victim of an attack, the damage is done and there is little you can do to reverse it.  Your client?s confidence in you is already shattered, business has been lost, and the costs to repair it are going to be significant.

So, what’s the moral of this story BE PROACTIVE!

Almost all of the threats that are currently out there can be avoided by having sound and consistent I.T. security protocols and procedures in place. Gary Hayslip produced an exceptional article for csoonline.com that outlines the foundations of a sound Incident Management Plan.

1. Identify
   The business develops an understanding of its risk and then implements the capabilities to manage it. Core tasks in the Identify function are orientated towards gaining an understanding of the critical systems, assets, data, and capabilities required for business operations.
   • Identify and prioritize critical business systems and processes which may be exposed to compromise. Think of the procedures, applications, data, and people required for essential operations needed by the organization to function as a business.
   • Develop a Disaster Recovery and Business Continuity Plans (BC/DR) while taking into account some of the following requirements:
     • Coordinate how business with work with suppliers and primary customers during a business emergency.
     • Plan how the business would conduct manual or alternative business operations if required.
     • Plan how the company would do offline financial transactions.
     • Develop written procedures for emergency system shutdown and restart.
     • Develop and test methods for retrieving and restoring backup data; periodically test backup data to verify its validity.
     • Have established agreements and procedures for conducting business operations in an alternate facility/site.
     • Educate and train staff on Business Operations Plan, DR/BC Plan.
2. Protect
   The business implements a cybersecurity program with appropriate security controls and capabilities. The core tasks in the Protect function are centered on the organization developing the strategic processes to limit and contain the impact of a cybersecurity incident.
   • Develop core critical “cyber hygiene” policies including Acceptable Use, Access Control, Change Management, Information Security, Incident Response, Remote Access, BYOD, Email/Communication, and Social Media.
   • Implement an enterprise cybersecurity program comprised of these best practices:
     • Backup business data (daily incremental/weekly – full).
     • Keep all systems updated with anti-virus and anti-malware security software.
     • Keep all computer operating systems updated with current operating systems and EDR security patches.
     • Secure wireless networks with encryption and vendor recommended security procedures.
     • Implement, monitor, and audit system and network logging.
     • Implement access control and authentication of critical/sensitive networks and business data.
     • Train employees in cybersecurity awareness and proper use of business systems.
3. Detect
   The business implements the appropriate security controls and technologies to identify and investigate the occurrence of a cybersecurity event. The core tasks in the Detect function are focused on the timely discovery and investigation of anomalies and abnormal events through continuous monitoring and detection.
   • Implement continuous assessment, monitoring and remediation of network and assets deemed critical to the business.
   • Develop a training program for security personnel on the use of cyber threat intelligence and management of anomalous events.
   • Develop an incident response plan for the organization’s cybersecurity teams to manage during a cyber-event by doing the following:
     • Maintain a current inventory of computer assets (hardware, software, and cloud).
     • Maintain a list of IT service providers and emergency/law enforcement contact information.
     • Create a checklist of specific actions in the event of a cyber incident.
     • Define and establish priority notification of employees.
     • Define and establish priority notification of customers/clients as deemed necessary and at the appropriate time.
     • Define other notifications (e.g., law enforcement).
     • Account for Regulatory Compliance (as required).
     • Conduct refresher training on incident response emergency procedures (at least annually).
4. Respond
   The organization implements the appropriate controls and procedures to take action with regards to a confirmed cybersecurity incident. The core tasks of the Respond function are designed to support the business ability to contain the impact of a cybersecurity incident.
   
   • Identify impacted/compromised systems and assess the damage.
   • Implement incident response plan actions (emergency/contingency plans) to minimize the impact on business operations.
   • Attempt to preserve evidence of incident while disconnecting/segregating affected identified assets.
   • Collect the affected assets system configuration, network, and intrusion detection logs.
   • Notify appropriate internal parties, third-party vendors or authorities, and request assistance, if necessary.
   • Reduce damage by removing (disconnecting) affected assets.
   • Document all steps that were taken during the incident and conduct a “lessons learned” discussion to improve the incident response team?s procedures.
5. Recover
   The organization develops and implements procedures to be activated in the event of a cybersecurity incident. The core focus of the Recover function is to keep the company in operation during such an event and assist it in recovery efforts as it returns to normal business operations.
   • Restore recovered asset to a periodic “recovery points” if available and use backup data to restore systems to last known “good” status.
   • Ensure all backups of critical assets are stored in a physically and environmentally secured location.
   • Remember updating recovered systems with current data may require the business to manually input transactions if it was conducted offline due to a cyber event.
   • Create updated “clean” backup from restored asset.

In today’s dynamic threat environment, developing a risk management methodology is a strategic imperative for companies. NIST’s risk management functions are necessary steps an organization can follow to manage its risk and the impact of a cyber incident. It is important to begin the process; accept you need it and incorporate it into the business portfolio of critical operations that are required to be successful.

If you watch the news with any kind of regularity, stories of companies falling victim to a cyber-attack almost seem commonplace nowadays.
Typically, the attacks are centered around credit card information or personal records like medical or personnel.  Either way, it never plays well on the news for the company who fell victim.

In 2017, cyber-attacks cost the global economy over $450 million and the average breach costs a company around $3.6 million in total.
Aside from this terrifying amount of money, cyber-attacks take their toll on companies in ways that are tough to recover from.

The “Unseen Costs” can include…

1. Damage to Brand and Reputation
2. Loss of Intellectual Property
3. Compromised Customer Relationships
4. Huge Insurance Costs

The days of approaching cybersecurity for your business as a second thought are over.  Companies both large and small, from huge manufacturers to private medical practices must all become vigilant and take aggressive and proactive steps to protecting themselves…NOW.

Chances are, if your company DOES become a victim of a cyber-attack, you won’t end up on the six o’clock news.
But what would it cost YOUR business?  And could you survive it?

To learn how Info-Link Technologies can help protect your business, visit us at www.nfolink.net.

If you are a business owner or manager, you can probably remember a time when acquiring new technology for your business was actually?exciting.
It was a time for unwrapping shiny new gadgets that promised incredible productivity and exciting new ways to manage your businesses.? And oh, that new electronics smell!

But as all those new tablets, touchscreens, phone systems, cameras, and laptops came into your offices, so did the headaches when they didn?t quite live up to your expectations.

After all, they needed to be connected, networked, firewalled, protected with anti-virus software, upgraded, and maintained.

It took time.  A LOT of time, and many of us started to wonder how we would manage it all and still run our companies.

And then came the time when your beloved technology just up and failed you.  Maybe a laptop crashed or a printer fell off the network just as you were preparing that big presentation.

That?s when many owners and managers are forced to call in a professional IT company.  And for many, that is when the romance with technology ended.

Long wait times for repairs, excruciatingly extended downtimes, and unexpectedly high invoices for these repairs hit us hard.

Many businesses admit to being frustrated, resentful, and distrusting of their chosen IT companies.  It seemed that the IT pros that were being paid to keep things working were actually invested in keeping their client?s technology failing.

After all, that?s when they made their money.

As fellow business owners and managers, we here at Info-Link found this business model unacceptable and we set out to change how businesses experienced IT support and management.

1. We knew that it was our client?s technology UPTIME that should be invested in, not paying to correct DOWNTIME.
2. We knew that our clients could not afford to be hit by huge, surprise IT bills.? They required predictable billing that could be budgeted for ahead of time.
3. We knew that our clients demanded the most highly trained and experienced technicians and engineers.? Our clients would not pay high hourly rates for someone to ?learn their way? through the solution.
4. We knew our clients needed to trust us with their business?s health and success.? We had to be trusted partners, not just vendors.
5. We knew our service had to be FAST.? Because when critical technology fails, our client?s businesses could come to a halt.

Today, Info-Link Technologies provides IT management and support services unlike anyone else in the market.  Our business model and people are not to be found anywhere else in central Ohio.

So, if you are ready to fall back in love with your business technology, and your IT company, contact us today to discuss how we can rekindle the romance.

For most of us in business today, our work performance and ability to service our customers is directly connected to our computer systems running reliably.  When our IT assets fail, business as we know it stops.

We need our hardware to work efficiently and we require around the clock access to our data and information systems.

When these systems go down, we miss deadlines, our employees lose productivity, and we disappoint customers and clients.  This means stress, lost focus, and eventually, lost revenue.

In short…downtime sucks.

There are two major ways that our I.T. systems can fail us. Hardware failure and software issues.

Luckily, with a bit of proactive planning and some Boy Scout like preparedness, we can head off many of these disasters and keep things running just as smooth as a dolphin’s belly.

First, we will tackle hardware.

A recent survey from Quorum’s Disaster Recovery Report found that hardware failures account for at least?55% of all I.T. related downtime, and it takes an average of 30 man-hours to recover from this kind of failure to our systems.

And that 30 man-hours of recovery time is expensive, costing our businesses thousands of dollars or more in unbudgeted expenses and lost revenue.

There are two main strategies for preventing and preparing for hardware failures.

1. Have Backup Equipment on Hand:? This can be as simple as having a spare mouse or keyboard in the office, to an extra laptop or tablet.? The cold, hard truth is, it’s not IF your hardware will fail, but WHEN.
   
   When we have a spare available and ready to deploy, our downtime is virtually eliminated and we have time to replace the failed equipment without impacting our operations.
   
   
2. Use Multiple Hard Drives and Cloud Backup:? Hard drive failures are especially devastating and drives can fail gradually, with defective sectors dropping out over time and without warning.
   
   The key to avoiding these failures, and the resulting loss of critical data, is REDUNDANCY.? Utilize multiple hard drives on your computers and employ cloud-based data backup services that will ensure that, even in the event of a location based disaster like a fire or flood, your data will be protected on an off-site location.

Just like the hardware issues discussed just now, software has two main areas that can cause a business heartburn, when not properly managed and system failure raises its ugly head.

1. Malware and Virus Protection:? According to industry surveys, threats to data security for businesses?cost an average of $3,000.00 per day, per user.? Contact a professional I.T. Management and Support company to make sure that your systems are protected with effective and consistently update anti-malware and virus protection software.
   Just as critical as the software protection is developing and adhering to Computer Security Best Practices.? A well-qualified IT Support firm can assist you in developing a custom designed program for your business, but here are a handful of key points to adhere to.
   
   
   • Don’t automatically click on links or attachments in emails.
   • Keep your anti-virus software updated regularly and be sure scans are being executed.
   • Be sure your systems are securely firewalled.
   • Don?t allow data files to auto-execute programs.
   • Keep passwords and other online credentials protected and secured.
2. Software Upgrades:? Although keeping our software systems updated and delivering at peak performance is beneficial in most instances, this process also comes with some inherent risks to our system’s stability.? Software upgrades and updates can potentially cause conflicts with other software your business utilizes.Prior to deploying upgrades, carefully research any potential conflicts or consult with a qualified IT professional to be sure that one minor update doesn’t result in a major system crash.

As you can see, with a few simple, proactive steps, many of the scary I.T. disasters we all dread can be greatly avoided.  Sound best practices, backup systems, and preparedness, along with partnering with a solid I.T. support partner will keep your business up, running, and most importantly, making money.