by Margaret Hallbach, VP of Public Sector Sales at Verizon Business Markets
When you think cyberattack, do you picture a criminal mastermind launching a carefully planned attack on the White House? Can you hear the dramatic music and feel the tension building as the good guys find themselves with only seconds to spare before the country descends into unmitigated chaos.
It’s a successful Hollywood formula. But the reality is much scarier because it’s not just central government and big businesses that are the intended victims of cybercrime — everyone is at risk. You expect that police security camera overlooking your apartment complex to be operational. But is it? What if it had been infected with malware weeks earlier and was “offline for maintenance” during an assault?
Cybercriminals are often motivated by financial gain, but you could fall foul of hacktivism and cyber-espionage. Cities and municipalities have become targets because of limited resources, insufficient expertise, and unknown vulnerabilities.
Attacks that are simply launched for fun can have a devastating impact as well. What happens if your emergency response systems are overwhelmed by a telephony denial of service attack swamping your inbound call takers at your public safety answering centers?
Manage the risk of more tech
Cities are constantly competing against each other. Do people feel safe? Are the schools good? Are companies thriving and providing jobs? To improve constituent experiences and quality of service, while driving cost efficiencies, local governments are leveraging technology. Many cities are now looking to the Internet of Things (IoT) for smart street lighting to reduce energy consumption, and for intelligent traffic systems that cut congestion — there are even systems that detect potholes. The potential benefits are huge.
But as local government becomes more reliant on digital technologies, the consequences of cyberattacks grow. You’re holding more personal data. Your critical systems depend on technology. That means security can’t be an afterthought. When you’re developing new systems, you need to think security first. Imagine your facilities organization is refurbishing a municipal building with a new HVAC system. The automated detectors for sensing employees in the building allows the system to be remotely controlled, managing energy consumption and cutting operating expense. But it could also provide a new entry point for a cybercriminal.
Understanding the threats
Many municipalities and cities are budget constrained. New sources of funding are hard to find and these funding sources are difficult to maintain. IT professionals are aware of the threats, but they don’t have the support from City Councils to earmark dollars. Cybersecurity funding should be no different than traditional public safety.
The 2017 Data Breach Investigations Report (DBIR) draws on the analysis of over 40,000 security incidents and almost 2,000 confirmed data breaches to bring you an unparalleled source of information on cybercrime. The nine attack patterns we first identified in 2014 still cover almost 90% of data breaches. Understanding them can help you gain insight on where and how to invest your limited resources. We are all trying to stay ahead of the bad guys. Ask for advice and guidance – from a colleague, from another city, from a partner, from the industry. And most importantly, take action. Don’t regret the decision that you did nothing.
Internet security is on every one’s mind these days, and that’s a good thing. More than ever, broadband connections serve communications, commerce and entertainment functions. Personal privacy and protection of your customers’ information are a vital part of any of these functions and many other Internet-based activities.
Wireless networks offer both convenience and mobility within your business. Many years ago, Wired Equivalent Privacy – or WEP – was chosen as the encryption standard used to secure wireless networks.
WEP still offers some level of protection, but over time, the technology to crack WEP encryption has become widely available. If someone manages to overcome your encryption they can use your wireless broadband services and gain access to private information you may be sending or receiving. Fortunately, newer, improved encryption standards have been developed and offer significantly greater protection. For that reason, we have been encouraging our broadband customers, both FiOS and High-Speed Internet (HSI), to change their routers from WEP to the strongest encryption their networks and devices can support, which for almost everyone today is WiFi Protected Access2 or “WPA2,” encryption.
WPA2 is the highest level of wireless network security generally available today and any of the routers Verizon currently provides for our broadband customers will support WPA2 encryption. However older routers in use may not be WPA2 capable. In that case, you may want to consider upgrading your router to one of the more current models in use today.
If you’ve already transitioned to WPA2 from WEP or have a router that is WPA2 enabled, that’s great. One way to check to see if you are WPA2 enabled is to view the wireless configuration settings for one of your small business devices that currently connect to your Verizon Broadband Small Business Router’s WiFi. If the encryption type is set to WPA2, you don’t need to change anything.
Verizon customers can find more information on WPA2 security protection by visiting one of our web support pages:
FiOS customers, please visit http://vz.to/SBsecurity1.
HSI customers, please visit http://vz.to/SBsecurity2.
Once you’ve made the switch to the WPA2 protocol, you’ll want to be sure your devices like tablets, smart phones, consoles, laptops and others previously connected to the WEP-encrypted router (or WPA) are also switched to the settings to maintain connectivity.
Some consumer electronics manufactured prior to 2006 may not be compatible with a router using WPA2 encryption. If you own a device that is not compatible with WPA2 encryption, please consider upgrading or replacing it in order to maintain the higher level of security available with WPA2. For more information visit www.verizon.com/fiosaccessories or
Happy reading! How is your summer going? Do you shut down your business for a few days so everyone can take a little vacation? Or perhaps your business is at its height during the summer so your doors are opened 7 days a week?
No matter the business you are in; are your products and/or services priced right? I referenced an article not too long ago on pricing and here’s a new one.
I know in this blog we’ve talked about cloud computing or cloud services – how it can help your business. Check out this article by InformationWeek SMB that focuses on how one company is leveraging cloud computing to run its business better.
If you are looking for a money, check out this video which gives you some tips to better position yourself and your company for a loan.
Click here for a shortlist of online resources that can help your business… also check out this site from Alltop -- it has quite an extensive list of online magazines and blogs that focus on topics relevant to SMBs.
This month, our featured author is Jennifer Prosek, who will share tips on how to motivate your employees – turn them into entrepreneurs. We’ll be giving away copies of her book all this month so read our blog, follow us on Twitter or fan us on Facebook for more information.
Have a great weekend!
Happy Friday! Next week is National Small Business Week. I feel everyday here at Verizon, we work to help small and medium-sized businesses be productive, have the right tools and put experts at your fingertips. So in our eyes, every week we’re celebrating small businesses!
I hope you know that if you ever have a question about our services or if you have questions for our webinar guests or our featured authors, you can always reach out to us by posting a comment at the end of any of our blogs or send an email to email@example.com.
This week, I thought John Jantsch article on the importance of listening is a good read. He offers some great tips to leverage social media to get immense benefit.
If you missed this news report from It’s Your Biz last week, check it out -- many small- and medium-sized businesses do not protected their company from cybercrime. Here is another video, this one from the Wall Street Journal, on small businesses and how many SMBs experience fraud like consumers. If you don’t have security in place for your business, check out what Verizon offers.
This is a good read from Ramon Ray, what to do when you get hacked and how to prevent it.
Sorry if this week’s articles/videos are all related to security breaches – it’s just an important topic --for the most part many of these are preventable.
As always, let me what which articles you liked or share one you read and is helpful.
Enjoy your weekend!
Cybercrime… does it affect your business or you, personally? These series of
Q & A from Wade Baker, director of risk intelligence at Verizon and principal author of the 2011 Data Breach Investigations Report , offers some interesting insights. To see key findings, get access to the full DBIR report, listen to an audio podcast on this topic or to see additional graphs click this link.
Q: For those that aren’t familiar with the report, what is the Data Breach Investigation Report?
A: It is an annual study into the world of cybercrime that analyzes computer forensics to uncover how sensitive data is stolen from organizations, who’s doing it, why they’re doing it, and, of course, what might be done to prevent it.
And this year, we have the privilege of working with the U.S. Secret Service and the Dutch High Tech Crime Unit, which drastically increases the scope and depth of the report.
Q: What were the major findings from investigations during the past year?
A: In 2010, we analyzed more incidents than ever in which consumer data – payment cards, bank accounts, personal information, etc – was stolen. And cybercriminals appear to be changing the way they accomplish this. Rather than massive breaches against large organizations like we’ve seen in the past, we saw a huge number of lighter, faster, and more surgical strikes against smaller organizations. Since many of the criminals behind those larger thefts are in jail, this trend may represent a tactical shift toward less risky and lower-hanging fruit.
Q: It sounds as though you are suggesting that cybercriminals are pretty organized and savvy – is that true?
A: Absolutely. What many don’t realize is that there’s a very well-organized criminal underworld build around data theft and fraud. They want your information because they can sell it for profit or drain your bank account, make fraudulent purchases, conduct identity theft and all manner of evil. It’s definitely a business for them.
Q: How do these groups steal information and who is vulnerable?
A: Not to sound overly-dramatic, but they’ll use any tactic that works and pretty much anyone is vulnerable. We see everything from hacking into corporate networks, tricking employees, bribing insiders, and even physical theft and tampering. Some of these attacks are very sophisticated, but most of them less so than you might think. You’d be surprised at the kind of stuff used to successfully steal data from corporations and part of the value of this report is identifying what kinds of attacks occur most often and are therefore most critical to combat.
Q: Speaking of combating cybercrime – what are your top recommendations to businesses?
A: After studying thousands of data breaches, I can say with confidence that the overwhelming majority of them are avoidable through relatively basic countermeasures – ones that the victims probably thought were in place. Therefore, the most useful thing organizations can do is to implement procedures to check and recheck and even triple check that they are actually doing what they intend to do consistently and comprehensively.
Next, organizations need to increase their visibility into what occurs in their networks, systems, and applications. It usually takes a very long time for victims to know they’ve been breached and it is usually someone else that tells them about it. This is evidence of very poor situational awareness and that really needs to improve.
Q: And in similar fashion, what would you recommend to consumers?
A: Without a doubt, the most important tip I have is to be aware.
First, be aware of what MIGHT happen. Understand the risks doing business in the online and offline worlds. A lot of people ask me if I’m afraid of buying things online and my answer is always “No – but I am definitely wary of it and act accordingly.”
Second, be aware of what HAS happened. Check your bank and credit card statements. Monitor your credit. If you see something out of place, look into it. This is very important and can save you huge headaches and expense.
Third, use a credit card rather than a debit card when possible. There’s nothing wrong with debit cards per se, but there’s typically less risk to you if your CC# is stolen than your debit card.
Fourth, be stingy with your personal information. Don’t give or store more than you need or want to. For instance, I opt out of storing my CC# when making a purchase online unless I buy from that site frequently. The way I see it, the fewer entities that have my information, the less likely it is to be compromised.
Five – When using an ATM, gas pump, or any public payment kiosk, look for signs of tampering or components that don’t belong. These are common targets for thieves trying steal your payment card info and PIN.
- Everyone's Tags:
- data breach information business
As mentioned in an earlier post here at the Verizon Small Biz Blog, I am seeing more and more small businesses and entrepreneurs jumping on the “cloud bandwagon.” They are moving to online software, instead of software installed on local servers or desktop computers, because of certain advantages. Those advantages include: speed of implementation; ability to scale the business despite lacking internal tech expertise; lower costs; relief from tech headaches enabling you to concentrate on strategy and core competencies; and, arguably, fewer security issues you have to worry about.
We explored those advantages in my last webinar on March 9th, In the Cloud: 5 Reasons to Move to Online Software (watch the webinar here). In that webinar I polled those participating and learned that roughly 80% are already using cloud apps in the form of online banking.
One person asked me about popular online software services that I recommend – here are some online services that I know other small businesses are getting good value from today:
This list is just a small smattering. Edith Yeung, Founder of BizTech Day, where they profile new software, was kind enough to choose some of the best in class for us, in: 101 Small Business Web Applications You Must Check Out. I also recommend you check out The Small Business Web for a directory of several hundred small business online software apps.
Now, despite being a proponent of online software services, I don’t want to give the impression that there are no risks or issues to consider. The advantages of online software applications only apply if you make wise choices. If you make the wrong choices, those advantages may go out the window. Remember, you will have to place your trust in vendors to make sure the software is operational and does what it claims to do. Your data will be online in a third party’s hands. And, if something goes wrong with the software, you need confidence that the vendor will jump on the problem quickly and get it fixed to your satisfaction.
So it becomes crucial to do a thorough due diligence when choosing online software. This due diligence process for choosing online software is what we will cover in my next upcoming webinar presented by the Verizon Small Business Center.
In How to Choose the RIGHT online software webinar, I’ll offer a checklist of points to consider when evaluating online software, including how to assess vendors for reliability, and how to determine which software will actually make your organization more efficient and effective. I’ll also answer your questions about the practical aspects of integrating online software with existing internal systems and software.
Online software services aren’t a cure-all for everything that may ail your business. But they are a valuable technology strategy for growing your business while running “lean.”
Choose the wrong technology and you’ll find your business working on your technology. Choose the right technology, and it will work FOR your business.
Join me this Wednesday March 23 at 2pm Eastern for: How to Choose the RIGHT Online Software.
PS, if you can’t make the live webinar, watch the replay it will be taped and archived – just view it later.
- Everyone's Tags:
- cloud technology
Some of the smartest small business owners and managers I know are jumping on the “cloud bandwagon.” What I mean is, they are improving their business operations by using online software services.
Online software services are exactly what they sound like. They are software programs that you use online, by connecting to the Internet and logging in to the software using your Web browser. They’re called services because the company providing the software provides them as a service. This means they not only give you the use of the software, but they store and safeguard any data you use in the software program. The software company handles everything, soup to nuts: keeping the software running; fixing bugs; managing databases; preventing intrusions and data breaches; enhancing and updating the software.
In exchange for this service, your company typically pays a monthly fee. Sometimes you pay an annual fee. Some software services may even be free.
Think about the obvious impact: your firm needs fewer computing resources. All you need to use an online software service is a computer with an Internet connection. Even an inexpensive netbook computer is sufficient (I know – I’ve used online software programs with just my $399, 2-lb netbook!). You don’t have to invest in hefty up-front licenses, powerful servers to run the software and handle the data, support personnel to keep the servers running, and all the other expenses associated with in-house computing. A laptop or desktop computer for any staff who use the software, is enough.
You often hear lingo to describe these services in one form or another. Software as a service or its acronym, SaaS. Cloud computing. Software in the cloud. Application service provider or its acronym ASP. The list goes on.
I say, ignore the lingo. Focus instead on the benefits of these online software services. And there are quite a few. I’d go so far as to say that the advantages of using online software are greater for small businesses than for large corporations. That’s because online software lets your company be “lean.” When you allow someone else to worry about keeping the software running, you can focus on your business’s core competencies and strategic goals – and not be sidetracked by tech headaches.
You can also scale your business better. You can grow faster without adding as much expense burden and internal systems complexity. When new opportunities arise, you can seize them quickly. For instance, you can go online and sign up for a software service in minutes or hours – instead of waiting weeks or months to scope out requirements for and install a new software program you may need for servicing more customers. Using online software, the cost may be spread out monthly, instead of an all-at-once budget hit.
But what about security? You’re probably thinking, “Our customer data and business information now will be on a 3rd party’s computers.” If you are uncomfortable with that idea, I urge you to consider this: many small businesses I know just can’t afford the same level of security that a large software company can provide. As much as we business owners want to keep our data secure, a determined cyber intruder may get in anyway. A carefully-chosen software provider’s services may actually be MORE secure than the networks and systems of a small business. It’s not because small businesses are negligent or don’t care. It’s just that we smaller firms may not be able to afford the same level of security infrastructure, not to mention the same level of in-house expertise, to make strong security a reality.
In my webinar that I am presenting hosted by the Verizon Small Business Center, we’ll explore the advantages of online software. I’ll share tips and resources. You won’t get lingo. You won’t get theory. You’ll get practical advice to make sure you leave the hour equipped to make informed choices for your business. Make 2011 the year you improve your business operations and seize opportunities -- online software can help make it happen.
Join me later today at 2 p.m. Eastern for: In the Cloud: 5 Reasons to Move to Online Software. So, get your questions ready.
PS, if you can’t make the live webinar, it will be archived – just view it later.
- Everyone's Tags:
- cloud technology
Happy Friday! It’s February already… some folks like me just celebrated Lunar New Year and many others will tune in this Sunday to watch the Super Bowl. Before we break for the weekend check out these interesting reads below.
If you haven’t heard, President Obama unveils ‘Startup America’ he said it’s “a national campaign to help win the future by knocking down barriers in the path of men and women in every corner of this country hoping to take a chance, follow a dream and start a business.”
For those who have a business, read this article from the WSJ Blogs to see if you need a patent to protect your brilliant ideas.
Businesses going global or are already global, make sure your company avoids these I.T. slip-ups.
We talk about social media in this blog and have provided free webinars with expects offering you advice to get started and to find leads. But are you getting results from your social media initiatives? Let us know by commenting below and also check out this article as it may get you back on track if you were a little off.
If you are looking for a bunch of small business related news at your finger tips visit Alltop’s small business section (http://small-business.alltop.com/), where you’ll also find Verizon’s small business blog posts.
Lastly, it’s great that your business is buzzing along nicely, but ask yourself if your business is vulnerable to security threats? Here are some useful tips that may help reduce security threats in your business. For additional tips download the Verizon Business 2010 Data Breach Investigations Report.
- Everyone's Tags:
- Facebook Twitter social media security entreprenuer
As I’m working from home today, I thought a post on telecommuting would be appropriate. Did you know that more and more Americans are working from home? Research from World at Work shows that number of Americans who worked from home or remotely at least one day per month for their employer was 17.2 million in 2008. As the trend continues to grow in popularity below are some suggestions that should help you – business owners – keep both you and your teleworkers happy and productive.
Defined telework policies and training. While a larger business may have an official policy, a small business might opt for something more informal. But in general, it's worth setting up some ground rules. For example, if using work-provided laptops or smartphones, employees should understand their limits in terms of appropriate usage. Downloading large, non-work related files with a provided 3G card, for instance, could easily tack on overage charges if the card has a monthly bandwidth cap.
Robust and secure remote access. The most important aspect of the at-home work experience is the ability to work as fast and with as much access as an onsite employee. Here's what it takes to get there:
- A fast Internet connection. When speed is of the essence, not just any connection will do. Many cable Internet providers don't have the bandwidth necessary for a smooth working experience. Instead, look for a fiber-to-the-premise (or home office) connection. Verizon's FiOS Internet provides download speeds from up to 15 to 50 Mbps and symmetrical speeds of up to 35 Mbps. Equally important is upload speeds, which lets you navigate a remote server and save documents with as much wait time as in person. FiOS has upload speeds from 5 to 35 Mbps. If FiOS isn't available, Verizon's High Speed Internet is another viable option.
- A full featured security suite and backup system. A major productivity killer is technical difficulties, and the biggest issues typically are from viruses and equipment failure. So Internet security and online backup are critical. Verizon provides both in an on-demand format and in options for the home and the business. The best small business solution is the Data Protection Premium package, which includes security to block viruses and hackers, encryption services to keep sensitive emails and documents safe, and automatic online backup to protect documents from technology failure.
Collaboration tools to compensate for lack of face-to-face interaction. One of the areas where remote working suffers is in lack of personal interaction. Fortunately, collaboration tools exist that overcome this obstacle. Verizon provides the Verizon Collaboration Center (VCC) that provides an enterprise-grade collaboration platform allowing everyone you work with to access shared contacts, data, documents, hold discussions and set up meetings at their convenience from wherever they are. Web conferencing, presentation sharing, electronic whiteboards and webcams all help maintain an atmosphere of teamwork. And right now, you can try Verizon's VCC free for 30 days (no credit card required).
To learn more about how Verizon can help small businesses keep their remote employees productive, visit Verizon's Small Business Center.