How Much Should You Pay For A Business Continuity Plan?

 

Several recent studies suggest that between 75% and 80% of businesses that experience a major fire or other significant disaster will never re-open or end up shutting down within 18 months. That staggering statistic is much easier to comprehend considering that a mere 35 percent of small to mid-size businesses have comprehensive disaster recovery plans in place, according to Gartner Research. While “a lack of awareness” and “cost” are listed as key reasons why organizations don’t implement safeguards on their critical business information and systems, these programs are the best investment a company can make.

So, what should a good business continuity/disaster recovery solution cost? While the true answer should be “as much as it takes,” almost every organization must work within its budget constraints. That means finding the most cost-effective solution available—minimizing company exposure without subtracting significantly from its bottom line. Since the most pressing concern for most business owners is how much revenue could be lost if their critical systems go down, the evaluation process should start there.

How much does an hour of downtime cost your company? The precise investment to make in a business continuity solution can be hard to justify unless you’ve experienced a severe outage in the past, but it’s fairly easy to assess the potential dollar liability of various disruptions using the following example scenario.

Let’s assume your monthly business expenses for wages, rent, utilities, and other expenses total $55,000. Divide this by the monthly hours of operation (200), which equals $275.00 per hour. Now assume your business is offline for an entire week due to a disaster. Based on a 40-hour workweek, your expenses would be approximately $11,000 for that week. But you’ll also have lost revenue while your business is shut down. Using your annual revenue divided by the number of hours your business is open, let’s assume that amounts to $1,000 per hour. Again, for the same 40-hour workweek, that would be $40,000 in lost revenue. The grand total for a weeklong business shutdown would approach $51,000!

Business continuity plans and the related systems are bonafide insurance policies, designed to protect an organization’s key information, applications and related files. While some can be quite comprehensive, depending on the company’s size and footprint, each should include these basic elements:

• Business continuity plan: include a complete list of precautions to minimize the effects of a disaster on the organization. This should be reviewed and revised at least on an annual basis.
• Onsite backup: combines and stores copies of each essential file and all company information.
• Remote site backup: ensures that a business can be restored if their facilities are destroyed. The Federal Reserve suggests highly critical data be kept at least 200-300 miles away!

The disaster recovery plan is just as important as the organization’s business plan, which explains why many companies consult with experienced IT solution providers to help develop and implement the program. With so many variables and scenarios to consider, as well as the complexity of some of the available solutions, an experienced disaster recovery specialist can streamline the process and offer the best options.

After calculating the potential financial damage if a major outage or catastrophe were to occur and spending some time with a qualified specialist, it should be much easier to gauge the required investment. Of course, that’s also when many company owners and executives realize that the most costly disaster recovery/business continuity option is not having one.

About TeamLogic IT

At TeamLogic IT, we help out customers plan their technology investments so they can run their business efficiently and affectively.  And we help them plan for the unexpected.  Not only can we provide a foundation for their business continuity planning but we help them with implementation of that plan and maintaining it over time.  A disaster can strike at any time.  Is your business prepared to deal with the unforeseeable consequences?  Call us at TeamLogic IT and we will provide a free consultation on the business continuity planning and alternatives.

Taking the worry out of your technology.

Call us today or email

650.336-7500

MountainViewCA@TeamLogicIT.com

www.TeamLogicIT.com/MountainViewCA

Cell Phone Safety Tips

Due to their growing popularity, cell phones are fast becoming a favorite target of thieves. To reduce your chances of becoming the victim of a cell phone theft, the New York City Police Department offers you their safety tips.

1. Always be aware of your surroundings. Thieves may be watching you.
2. Avoid becoming distracted by your cell phone conversation when walking on the street.
3. Keep your cell phone out of site. Don't hang it from your purse of jacket.
4. Switch the ringer off to avoid attracting the attention of thieves.
5. Never loan your cell phone to a stranger. In case of an emergency, offer to make the call for them.
6. Consider using hands-free technology.
7. If your phone is lost or stolen, report the loss immediately to your cell phone service provider and the police.
8. Keep details. Make a record of all your phone information and keep this in a safe place. Include the following elements in the information:

• Your phone number
• The make, model, and serial number.
• Color and appearance details
• The pin or security lock cod
• The IMEI number (on GSM phones)

 Other Good Preventative Advice

Add a security mark. Use an ultra violet pen to print your post code and house number onto both your mobile handset and battery. This makes it easily identifiable as your property if lost or stolen. It would also be good if you write your alternate contact number or email id on your phone. This would help the finder of your handset to contact you if he or she intents to return it. The ultra-violet pen marking will wear off every couple of months, so reapply it when you feel necessary.

 

Use the security lock code, or PIN feature, to lock your phone. This will make it less valuable to a thief and deny them access to personal numbers stored on your SIM card.

If Your Phone is Stolen

Have your phone number disabled. In addition to reporting your phone lost or stolen, you should also disable your phone number (not account) so that no further charges can be applied. This is in case the thief figures out how to access your account through another hand set, or in case the carrier is unwilling to block the handset. Remember that, as mentioned earlier, many thieves stand to benefit from using your service rather than selling your phone, especially between the moment they steal it and the moment you realize your phone is missing.[4]

 

Keep in mind that once the phone is disabled, it may not be able to be used again, even if you get it back. [2] Keep records of this call--the date, time, name of the person you spoke to, what they said, and their extension. Ask for confirmation in writing that your phone has been disabled.[3] This is important in case the thief makes fraudulent charges on your account.
 

File a police report immediately. Time is money, literally. A thief can add over US$10,000 to your cell phone bill in just hours by making international calls, and you might end up being asked to foot the bill.[6] Some phone companies may require proof that the phone was actually stolen, versus it having been lost. A police report serves as evidence, which will make your wireless provider more cooperative, especially if insurance is involved.

 

If you continue to encounter problems with your wireless provider in that they are not disabling the phone or your account in a timely manner and insist that you cover the charges made by the thief, let them know that you intend to file a complaint with the Federal Communication Commission (FCC), your state attorney general's office, and your state's public utility commission (PUC) (or the equivalent authorities in your country).

 

Request an immediate, formal investigation from your carrier. Sometimes this can prevent (or at least delay) the carrier from launching a collections effort and tainting your credit, if things get ugly.

TeamLogic IT Offers Mobile Device Support Services

We would rather be proactive about the use of personal mobile devices used at work. Business data is being accessed and transferred through mobile devices at a staggering pace.  We can help improve the productivity of your mobile workers while keeping your corporate security practices in place.

 

10 Tips to Protect Your Computer from Viruses

Computer viruses are often a hassle and can be a real time-consumer. In the worst cases they can mean a total reinstallation of your operating system—and sometimes damage to your hardware. While the only absolute defense is to totally unplug from the Internet, here are some tips that can lessen the odds of infection.

1. Delete unknown emails: Seems like a no-brainer, but people who make a career out of spreading viruses have become pretty sophisticated in disguising the emails they send. Bottom line: Delete all emails from unknown sources, and never download or open an attachment unless you are sure it’s from someone you know.
2. Update your software: Keep all of your software up-to-date, especially your Windows operating system. Keep Automated Updates turned on to download and install updates automatically.
3. Only install software from trusted sources: Stay away from downloads from unknown sites. If you are asked to install other programs to ensure another piece of software works, stop and do a bit more research. In many cases, additional programs contain spyware.
4. Run virus scans habitually: Set up a schedule for your computer to run antivirus software. Do scans late at night or whenever you don’t use your computer, as it will run slower. Everyday scans are best, but at the very least do it once a week.
5. Back up your drives: CD-writers make it easy and relatively cheap to back-up your hard drives and network drives. Or, you can automate your back-ups with back-up software.
6. Activate your firewall: A firewall limits the ports on your network that are open to the public; so having one in place is critical. If you use a wireless router, make sure it has a built-in firewall. A software and hardware firewall is more effective than just having one or the other.
7. Lock your wireless network: Wireless routers usually have no security settings in place when you install them. You must log in, and at the very least establish a basic, password-required security setting to prevent others from gaining access to your network.
8. Steer clear of P2P file sharing: Some people with savvy tech skills can download P2P files without incident, but if you aren’t careful you might end up downloading a file with a keystroke logger attached. Keystroke loggers can transfer anything you type on your computer to another computer, and are difficult to detect without a quality antivirus or anti-spyware program in place.
9. Stay away from trashy websites: There’s no other way to say it. If you look at trashy websites, you will get a virus or spyware, period.
10. Install software that takes snapshots of your system: Regular snapshots of your system can help you analyze for infected files or changes in your system or drivers. It’s also a helpful tool to recall and recover all of your files in the event of a crash.

10 Ways to Stretch Your IT Budget

If you have a small business, there are ways that you can make your budget work harder by implementing some cost-cutting measures. Budgets continue to shrink, so spending on your business technology can be smarter by taking advantage of today's methodologies and products. 

1. Alternatives to Microsoft Office 

Most businesses hold onto Microsoft Office as if their work-lives depended upon it. The truth is, it doesn’t. Google Apps and LibreOffice have both evolved into business-class productivity suites that can easily replace the de facto standard, Microsoft Office. This move will especially help small businesses that don’t benefit from bulk-purchase prices from Microsoft. And since most users tap into only about 10 to 15 percent of the features and power of their office suite, why not save nearly one hundred percent of the cost of the proprietary solution? Besides, a tool like Google Apps makes collaboration between teams even easier.

2. Consider Linus for Your Terminal Server

The Microsoft Terminal Server is a powerful tool — and it comes with a powerful price tag. The more users you need, the more costly that option will be. Replace that box with a Linux machine and you can have the same kind of power at a small fraction of the cost. And adding more users won’t wind up costing you the entire budget. So long as your hardware can handle it, you can add as many users as you like — at no cost.

3. Bring your CRM/ERP/HRM Solutions Inhouse

If you go to SourceForge and search for CRM, ERP, or HRM, you’ll be astounded at the hits you get. Not only are these solutions plentiful, they are powerful. With the likes of Drupal, Joomla!, OrangeHRM, and countless other tools, you will have your business-to-customer-to-vendor-relationship in perfect harmony. And since these are mostly Web-based tools, you’ll be able to work that magic from anywhere that can reach the server housing the tool.

4. Migrate to Networked or Cloud-based Storage

The benefits of this might not be immediately apparent. But migrating your users’ storage from their machines to a centralized location can help save your budget by reducing strain on the client machine (less writing to drives and more over the network). This will also help save costs because you can more easily back up all end-user data from a single location.

5. Consider Linux for Some Users

 There are always certain desktops in a company that have a limited usage. And because much of business has migrated to Web-based tools, a Linux box makes perfect sense. With those machines, you won’t have to worry about virus infections, corrupt registry entries, or users installing malware-infested applications. Some machines will need Windows (such as those that use proprietary software or software with no Linux port, like QuickBooks). And there will be users who refuse change. For those instances, simply stick with what works best. But for the machines and/or users that can make use of Linux, make the switch and you’ll save.

6. Have a Solid Back Up Strategy

It’s inevitable: Hardware is going to break. That means every machine in your company, at some point, is going to give up the ghost. When that happens, so much time can be lost recovering data — be it user-level or company-level data. One of the most critical tasks is to make sure backups run and run consistently. With a solid backup plan, you will save quite a lot of money in the end, even if only in time.

7. Implement Strict Antivirus and Anti-Malware Policies

A big issue with end user machines is the “accidental installation” of malware or the infection of viruses. One of the best ways to help yourself out is to use an antivirus solution that can be managed from a centralized location. Regardless of what you use, it is crucial to make sure that all antivirus and anti-malware software is up to date (both the application and the definitions). It might also behoove you to make sure that end users aren’t installing extra “features” for their browsers — such as coupon finders.

8. Creative Solutions for Your Business

Encourage the use of creative thinking to solve issues with client computers and servers. Most every computer issue has multiple paths that can arrive at a solution. Sometimes the creative solution is the one that can help save money in the end. Not all administrators can think along these routes, so don’t press them if they aren’t capable. But encourage those who can think creatively and on their toes.

9. Document the Details

You want to save time? Document your hardware, your network topology, and your software. Document your users, your users’ PCs, your backups — anything you can possibly think of that will help you save time and make transitions from one software/hardware/administrator to another as smooth as possible. This documentation will also go a long way toward helping you see how everything on your network is used and what can be used more efficiently.

10. Implement a Help Desk Solution

Many smaller businesses use an employee whose job isn't IT to help employees. At some point, the employee can't be efficient doing his/her own work. In addition, the ability to track progress on issues and to review previous issues (and how they were fixed) can really save you time and money. And enabling end users to submit tickets will help ensure that issues are better managed and resolved more quickly. 

Talk to TeamLogic IT, Your Local Expert

Whether your business has dedicated IT staff or whether you use a consultant, you should consider meeting with a full-service IT company that can meet with you, learn about your business, and make recommendations such as these, based on your specific needs and goals.  TeamLogic IT is the trusted IT advisor for a growing number of small businesses in the Bay Area.   We can be your IT dept; augment your IT staff, or help out with specific projects.

Protecting Your Business Data

In our last blog, we talked about malvertisements, a type of virus that is capable of stealing your computer data without any overt action on your part.   In this blog, I will go over the high-level elements of the small business backup strategy, which is part of your overall business continuity plan.

Data Backup is Part of Business Continuity Planning

It’s much easier to build in storage resiliency when data storage is conceptualized, planned and deployed than it is to bolt on protection afterwards. The advantages reveal themselves at many layers of the continuity planning process.First, we strive to avoid preventable disasters by doing such things as monitoring and managing infrastructure. That way, we can spot burgeoning error conditions and resolve them before we’re hit by an outage.

In addition to doing something about disaster prevention, continuity planning aims to develop strategies for coping with disasters we can’t prevent. This is where data protection comes in. Because data can’t be replaced, it must be made redundant as a safeguard against corruption or loss, whether caused by user error, application faults, malware and viruses, equipment malfunctions and so on.
How data would be protected could make all the difference between a smooth recovery or lots of delays and disappointments and, well, disasters. Hardware lock-ins, which are created when relying on proprietary on-hardware snapshot, mirroring and replication technologies purchased with the storage rigs themselves, are problematic over time. For the functionality to work at all, you usually need to buy two copies of the rig from the vendor: one for the primary site and another for your recovery facility. These specialized pairings get in the way of coherent data protection and recovery, especially as data storage infrastructure grows more heterogeneous.

The good news, is that software-based storage virtualization can help to alleviate this problem by enabling delivery of protection services such as continuous data protection (CDP), snapshot, mirroring and replication services on a cross-platform basis -- irrespective of hardware brand. Preventing hardware lock-ins from the outset is key to making disaster recovery efficient. A good storage virtualization approach can provide a more unified way to deliver the right data protection services to the right data at the lowest possible cost.

The complexity of recovery is made worse by the proliferation of data protection service lock-ins. If you think it through from the start -- when building infrastructure itself -- you can create a rich, built-in, hardware-agnostic, data protection-enabled infrastructure that will cost a lot less than bolting on various mirrors, replicators, clusters and backup processes after the fact.

What to Include in Your Disaster Recovery Plan

• Inventory all IT assets.
• What applications are running on what systems.
• Don't omit standalone data from the recovery plan. 
• Increasingly, business-critical data and documents are stored on laptops and desktop compute
• Prioritize the data and applications and assess their varying criticality. 
• The data recovery plan should explicitly state the recovery order of data and applications.
•  Maintain offsite data backups.
• A comprehensive tape or disk archive strategy is crucial.
• Formally document the plan.
• Create checklists and procedures. Know who is responsible.
•  Test the solution.
• In any complex system or process, what works in theory often fails in practice.
• Maintain multiple communication methods and channels.
• Normal communication channels, such as email and phone, may be disrupted.
• Automate as much as possible.
• Human error is almost inevitable under these stressful circumstances Don't neglect security.
• It can be tempting to bypass normal security policies in order to simplify and speed the recovery.
• Rely on DR experts and consultants with extensive knowledge and experience in the field .

Rely on TeamLogic IT

At TeamLogic IT, we can help you design and implement your data backup solution so that you can minimize the risk to your critical business data. It only takes one occurance of losing and not being able to recover your data to realize that disaster recovery is a much more significant hit to your business than implementing the right solution.

Data Security in the News...Again

Here we are again on the perennial topic of viruses, malware and data security.   The recent incident with the Flame Virus in the Middle East is only the tip of the iceberg when it comes to stealing information from computers.   These viruses are increasingly sophisticated, can cover their tracks, and require teams of experts to research and develop new protections to stop further attacks.
The takeaway is that once your computer is infected, the damage has been done. The best protection is to prevent infections in the first place.  Here are some tips for helping you avoid common types of attacks.

Tips for Avoiding 'Malvertisements'

Malvertisements are pop-up ads on websites that can steal bank account passwords, slow down or disable computers,and prevent your computer from getting .  We unwittingly expose ourselves to malvertisements just by visiting an infected website.   This type of scam is getting more popular and has already affected millions of users.  The ads are insidiuous because you don't even need to click on them to activiate them.

• Make sure your computer is set for automatic updates for your browser and applications.
• Employ an pop-up add blocker. There are many choices out there;  some are built into your browser and others are available as third party software.     
• Protect your computer with robust antivirus software, such as Kaspersky or AVG. 
• Be aware of pop-up ads that sell antivirus sofware. These unsolicited ads can be infected with malware or are scams that entreat you to buy software from the cybercrooks themselves.  

Tips for Avoiding Text Scams

Now that texting is a preferred form of communication, scams are increasingly on the rise.   We receive texts that tell us that we are "the winner of the day" or that we have just won something desirable if we just respond with a code or phrase.   To claim your prize, you'll have to divulge personal information that the spammer will sell to marketers or use to access your bank account.  In the U.S. last year, something on the order of 4.5 billion spam texts were received by cell phone owners.  Here's some advice on how to deal with text spam.

• Don't reply with "STOP" or other requests to remove your number.  Any response will confirm that yours is a working number that can be sold to telemarketers.
• Make sure your mobile number is registered with the FTC "Do Not Call" list.  This makes it illegal for telemarketers to call or text you without permission unless they are exempt.
• If your carrier is AT&T, Bell Mobility, Sprint, T-Mobile or Verizon, you can report spam by copying the original message and forwarding it to 7726 (spam) free of charge.
• You can file a complaint with the FCC by filling out their form.
• Check your cell phone bill monthly to see if you have incurred any charges from unwanted third-party spam. Call your carrier immediately and they should remove the charges from your bill.
• And finally, you should investigate the many spam-blocking apps that are available.

When it comes to choosing which anti-virus solutions works best for your business, TeamLogic IT can assess your systems and find out what anti-virus software you have, whether the licenses are still active, and if the scans are happening on a regular interval.  We are experts in virus removals and can recommend what software should be put in place so that your computers and mobile devices are protected.

TeamLogic IT of Mountain View, CA, is part of a nationwide network of computer consultation and managed services businesses providing outsourced IT services. Small- to medium-sized businesses rely on TeamLogic IT to handle a broad range of services from urgent computer repair and proactive maintenance to the installation of entire networks and more. For more information, contact Jon Simms at JSimms@TeamLogicIT.com or visit www.TeamLogicIT.com.

A Primer on Password Security

As the number of sites and devices you access multiplies, so do the number of passwords you have to manage over time.  One thing is for sure, we probably don't spend enough time making sure our passwords are safe once we establish a new account,login to a new website, or set up a device to connect to the Internet.

Easiest to Guess and Steal 

If "password" is your online password, you're in good company, and that's bad.  As the single most popular log-in used to access online accounts, it's also the most easily hacked by cybercriminals. Changing the "o" to a zero - "passw0rd" is not much better.  It ranks as the 18th most common, according to SplashData, a company that produces SplashID, a secure password management software.  And with more websites now requiring passwords to include both letters and numbers, you may think you're safe with "abc12."  Think again.  That password ranked fifth.

Top 25 Most Common Passwords

#1. password
#2. 123456
#3. 12345678
#4. qwerty
#5. abc123
#6. monkey
#7. 1234567
#8. lemein
#9. trustno1
#10. dragon
#11. baseball
#12. 111111
#13. iloveyou
#14. master
#15. sunshine
#16. ashley
#17. bailey
#18. passw0rd
#19. shadow
#20. 123123
#21. 654321
#22. superman
#23. qazwsx
#24. michael
#25. football

Some interesting trends have popped up with SplashData's analysis of millions of passwords. Joining the longtime "don"use" password, "qwerty" the top to bottom sequence on a keyboard is "qazwsx."

There's also an increased use of common names.  Officials, however, are baffled by the popularity of "monkey" and "shadow."  But what's clear is that using any of these passwords significantly increases your risk of identity theft. Although cyberthieves sometimes apply sophisticated hacking software, they're more likely to depend on repeatedly trying common passwords to log into your account.

Create Strong Passwords

There are lots of resources on the Internet about how to choose a strong password. For example,  Microsoft's Safety & Security Center shows you how to create strong passwords. In brief, here's a few tips:

• Go long.  Use at least 12 keystrokes. One study shows that a good 12-character password would take hackers more than 17,000 years to crack.
• Mix it up.  Use upper- and  lowercase letters, punctuation, symbols, and numbers.
• Finesse your favorites. For easier recall, base your passwords on foods you like, TV shows, or first letters of a song, but with tweaks, symbols, and conscious misspellings.
• Think different. Don't use the same password for everything, particularly on your secure sites, such as banks and shopping sites

Security threats are a growing issue for businesses of all sizes. There’s a lot at stake—your computers and network systems, your information and your customers’ data. We stay on top of the latest security hazards and employ a variety of technologies to keep all systems and data safe. At TeamLogic IT our security services ensure your business is always protected. We help by selecting, implementing, and managing IT security services for you.