What I wish business owners knew about IT: Part 1

After 30 years in the field of IT, I have a few things to share with fellow business owners about IT and the topic of this post is security.

My name is Tracy Hardin and I’ve worked in the IT industry for thirty years, twenty of which were spent running my own IT consulting firm, Next Century Technologies. In this three part series, I will share what I wish every business owner knew about IT. I’ve seen many mistakes, regrets and costly pitfalls that could’ve been avoided. In this first part, I will focus on security since October is cybersecurity awareness month.

IT impacts the security of your company and good IT is inconvenient!

There’s an inverse relationship between strong cybersecurity and convenience. I’ve had plenty of customers say they want their IT to be secured well because one hack would be devastating to business. Yet when I try to implement 2-factor authentication or web filtering, its rejected. I hear, “Too much trouble – would slow us down too much.” So, if you are focusing on convenience then chances are you are your cybersecurity is sorely lacking. This is not the time for poor cybersecurity.

The cloud is a good thing, most of the time

A lot of people are reluctant to store data in the cloud or move services to the cloud due to lack of trust. I understand that. However, not all cloud is created equally. We support banks, so our tools and services must pass muster with bank auditors. We are picky about what cloud services we use and where the data is stored. We prefer cloud storage providers to be SOC2 compliant. That means the provider has put forth much effort to properly secure their facility both on a physical level, cybersecurity level and on an employee level. A third-party SOC2 auditor must come out and regularly audit the facility. This is not a cheap endeavor, so properly secured cloud storage by a SOC2-compliant vendor is not the cheapest. Do your due diligence on any cloud service before you hand over your credit card.

Just because it’s in the cloud, doesn’t mean it’s safe!

Hackers are creating malware and ransomware that run on your computer and target your cloud storage providers such as Microsoft, DropBox, Google and Apple. Just because its in the cloud, does not mean it is safe from ransomware nor does it mean it’s backed up! Microsoft recommends that Office365 users have a third-party product to backup their mailbox, SharePoint and OneDrive data. With free Google storage, privacy is not included. In fact, in many cases, free is not free at all – you pay for it by giving away your personal info and sometimes even your data. Be sure to read the fine print on your cloud platform to see if any backup or recovery options are included.

ransomware - pirate flag on laptop screen

Hackers say size doesn’t matter!

I’ve heard the comment, “My company is too small to be a target for hackers!” too many times. Does your company handle money? If yes, then you are a target. We recently saw a 2-person company get taken for over $400,000 in a very targeted attack. Not a bad haul for a 2-person company! All US-based companies are a target and are worth the time and trouble. Automated methods for attacks make it super easy to steal email credentials from anyone. Which leads me to my last thing to know..

Get cybersecurity insurance

A cyber policy is a must for business owners who rely on computers. Your computers are just as critical as your company cars, employees, and office building. Don’t guess what you need, talk to an insurance agent that specializes in cyber policies so that you know what is and what isn’t covered. Be sure to ask who pays if your company email is hijacked and used to steal money from other companies.

To get more tips on cybersecurity, check out my blog here.

To find out more on how people get hacked, check out my blog here.

What kind of cybersecurity services do we offer? Find out here.

Posted in

Tracy Hardin

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor's degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.