If your system isn’t available, you may be losing business, current and long-term customers, and/or employee productivity…all of which translate to losing money. If customers can’t buy from your online store, they will go somewhere else. They may never come back. The time your employees lose can never be recovered.
So, how do you evaluate your IT network’s availability? We look to “The Five 9s”. Absolute perfection in anything involving technology is unlikely, but the five 9s means looking at a goal of 99.999% network uptime. What does that come to? There are 86,000 seconds in a day, and 31,536,000 seconds in a year (525,600 minutes), 99.999% uptime equals a mere 5.25 minutes downtime for the entire year. That’s important to consider because while 99.9% uptime (1% downtime) may sound good, that actually comes to about nine hours downtime a year (or 10 minutes on average per week). A lot can happen in nine hours, especially if it is spread out in multiple failures. So how do you get to 99.999%. Here are four best practices that will help:
Network security is another big topic. Effective security requires a multi-layered approach and for the scope of this article, we are outlining a number of the aspects you should consider.
Access Control: Strictly enforced security policies are critical. Believe it or not, the majority of cyber intrusions are caused by the intentional or unintentional acts of employees. In addition to proper security policies, keeping non-compliant devices off your network is also extremely important.
Anti-Virus / Anti-Malware Software: Good anti-malware programs identify malware as it enters your system and kills it, and then, just in case something does get through, continues to monitor for those viruses, worms, trojans, ransomware, etc., that are rigged to sit dormant for days, weeks, or months before being triggered.
Application Security: Software needs to be protected…all of it, whether you build it or buy it off the shelf. Any application, no matter how well thought-out, can contain vulnerabilities that hackers can use to attack your network.
Data Loss Prevention: There are technologies that can prevent your employees from sending sensitive information outside of your network. This is something that sometimes happens inadvertently and sometimes intentionally. Either way, it is something you want to prevent.
Email Security: This is the number one threat to the security of your network because of sophisticated phishing campaigns, including social engineering tactics, that cyber-criminals use to trick unsuspecting employees into giving away information. Email security can be greatly bolstered through use of security programs that identify incoming attacks that then prevent the distribution of sensitive information through outgoing messages.
Firewalls: Whether hardware or software, firewalls create a barrier between your network and the outside world using a carefully designed set of rules that determine whether email traffic is allowed into your network or blocked.
Mobile Device Security: With more and more companies supporting proprietary company applications on mobile devices, these devices are becoming richer and richer targets for cyber-criminals looking for vulnerabilities. Additionally, many companies allow employees to use their own devices for company work, including accessing company files. High-level management of these devices is critical.
Virtual Private Networks (VPNs): VPNs encrypt data using Secure Socket Layers (SSLs) to prevent its theft. Encryption is one of the most powerful tools a company can use in keeping data protected.
Wireless Network Security: Simply put, wireless networks cannot be as secure as those that are hard-wired, unless you implement stringent security measures using products that were developed specifically for this challenge. Without this level of protection, anyone sitting in your parking lot may have the ability to gain access and cause harm.
"Enterprise mobility is an approach to work in which employees can do their jobs from anywhere using a variety of devices and applications. The term commonly refers to the use of mobile devices, such as smartphones and tablets, for business purposes."
1: We are not just connecting telephones, tablets and laptops, we are also connecting “things” through the Internet of Things (IoT). For companies using these “things”, real-time data can prove very valuable for analysis in many ways. However, there may be serious pitfalls. Let’s look at home security as an example. IoT devices that have come on the market to date generally are run by firmware, which is software installed at the factory and usually not equipped to be updated. Suppose your thermostat is such a connected device, with a vulnerability that allows hackers to read its history. Assume that during the summer, you set the main floor daytime temperature for 72 degrees and 76 for night time. When you go on vacation, however, you set it to 76 degrees for 24 hours a day. So, if a hacker reads this change he can assume no one is home and your house can become a target for theft. This is just one example, but similar events can take place not only in residences, but also in businesses.
2: Application Redesign. We are already seeing a vast changeover from systems solely designed for PCs to those adapted for smartphones, as well. Part of this changeover involves much shallower menu navigation. Instead of deep-diving menu structures, mobile users expect to reach their online destinations in just a click or two. On another front, the ability of mobile devices to sense where you, or your employees, are located will have far-reaching implications on many industries. Think of how Uber and Lyft use such technologies to assign the car closest to the customer.
3: Portable devices lead to portable services. It has become standard practice today for people (including your employees) to use mobile devices to download, work on, and re-upload all sorts of documents. Because of this, mobile security has become a major issue. More and more, multi-factor, also known as two-factor, authentication is used to insure these devices are only used by those people authorized to do so.
4: Persona Identification. IT services will be developing ways to separate a person’s business persona with his/her personal persona, and the various data and applications that apply to each. This technology will become an important supporting tool for the ever-growing “bring your own device to work” policies that many businesses either tacitly or purposefully enact for two reasons: 1) people do not want to be burdened with multiple devices, and 2) it is cost effective for the employer.