Monthly Archives: October 2016

Business owners’ ‘Road to Resilience’ starts at Continuity Centers

The road to disaster resilience can be a bumpy one for business owners, whether you've been your own boss for years or have just started. Later this month, Continuity Centers is holding an educational seminar that can help put you in the driver's seat for a smoother ride to true recoverability. 

"The seminar runs from 8 a.m. to noon on Nov. 16 at our Princeton offices."

In partnership with the Business Continuity Institute, CC is proud to present its inaugural Road to Resilience Conference, an instructional seminar geared for business owners and BC/DR professionals alike, focusing on the standards, technology and workplace recovery systems companies need to stay protected from catastrophes. Taking place on Nov. 16 at 500 College Road East in Princeton, New Jersey, the four-hour affair is not to be missed, as disaster recovery experts will be providing attendees with the tips, tricks and foresight they need to stay one step ahead of the unexpected.

Seminar begins at 8 a.m.
The proceedings kick off at 8 a.m., when attendees will have time to register, mix and mingle and partake in a traditional continental breakfast. An hour later, some of the industry's thought leaders, both from CC and BCI, will delve into the best disaster recovery practices that are universally applicable, meaning businesses in a variety of industries will find them useful. The presenters will provide a snapshot of the global threat environment, honing in on how incidents are no longer the exception, but the rule. 

Additionally, attendees will be able to parlay their proactive efforts and new found strategies into rewards, earning the Continuing Professional Education credits needed to become disaster recovery certified by the BCI. Since its inception, the BCI Continuous Professional Development Program enables individuals to develop the advanced skills they need to thrive and consistently improve. 

Overcome 'analysis paralysis'
Business continuity planning can sometimes seem like a massive undertaking, the likes of which can be so intimidating that it prevents decision-makers from making any efforts whatsoever at prevention, finding the task overwhelming. This type of "analysis paralysis" is one of the main reasons why a huge chunk of companies are forced to close permanently when disaster strikes. CC's experts will offer insight into how to avoid this common trap during the second half of the educational seminar. The first half will be covered by BCI, including the "BCI Horizon Scan Report."

"A roundtable discussion will conclude the event, providing attendees with some key takeaways."

The Road to Resilience Conference culminates with an hour-long roundtable discussion. This is the audience participation part of the program, where attendees are encouraged to talk about what efforts they've made at disaster recovery, what experiences they've had, how their preparation has paid off, and what, if anything, they would do differently if disaster pays another unwelcome visit. This will serve as an excellent brainstorming session that attendees are virtually guaranteed to walk away from with new-found appreciation for how security in all its forms – is a major business continuity issue. 

Failure to plan is a recipe for disaster. By attending the Road to Resilience, you will have the menu of resources needed to overcome adversity when and where it rears its ugly head. For more details about the event and how to register, click here.

With space limited and admission free, be sure to sign up today so you don't miss out!

Latest DDoS attack affects millions of internet users

The problem with outages – whether electricity or internet related – is that they almost always occur when you least expect them. And that's just what happened for millions of online users on Oct. 21 across the country, just as they were about to kick off the last day of another work week.

"Dozens of websites were down for almost 12 hours."

At right around 7:30 a.m. on Friday, some of the internet's most highly trafficked websites went dark, including Netflix, Tumblr, Reddit, PayPal, Spotify and Twitter, multiple news outlets reported. Not until almost 12 hours later were the websites back online. An investigation into the issue confirmed what experts had suspected – the culprits were cyberattackers, who dispatched a distributed denial of service virus attack. The victim was a New England-based internet hosting company that monitors web traffic.

Kyle York, chief strategy officer for Dyn, the company that was affected by the cybersecurity scare, told reporters that DDoS attacks are an ever-evolving threat.

"We start to mitigate, [and] they react," York explained on a conference call, according to USA Today. "It keeps on happening every time. We're learning though."

How do DDoS attacks work?
DDoS attacks are not new to the cybersecurity world. Similar to the effects of a flash mob, DDoS stratagems are often successful because targeted systems are inculcated by numerous requests for information, so much so that they shut down. The consequential effects of the server overload enhance the vulnerability of sensitive data.

"Starting at 11:10 a.m. on October 21 Friday 2016, we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure," the New Hampshire-based web traffic company announced on its website. "Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available."

Indeed, decreased accessibility was wide ranging, affecting well over 50 websites, including CNN, Business Insider, Pinterest, Fox News, Soundcloud, The New York Times and, according to Gizmodo.

In today's mobile generation, where internet users are logging on with a variety of devices beyond laptops and smartphones, the broad-based DDoS attack was realized in offices, workplaces, even appliances.

"It could be your DVR, it could be a CCTV camera, a thermostat," York said, according to USA Today."I even saw an Internet-connected toaster on Kickstarter yesterday."

Cybersecurity experts warn that since the internet is a shared space, DDoS viruses are worrisome because they can create a domino effect, where if one server isn't secured, it increases the potential that others may be infiltrated, turning what would be a confined issue into a full-blown one that makes quarantining virtually impossible. 

Famida Rashid, an information security expert at InfoWorld, noted that much like ransomware, DDoS attacks are happening with greater frequency and are "no longer minor inconveniences, nor are they solely used by unsophisticated adversaries."

"40 percent rarely review or update their data security plans."

Businesses failing to update their IT security systems
The massive outage is the latest example that despite web users understanding that internet threats are real and present dangers, they may not be as ready to combat them as they suspect. According to a recent report released by credit agency Experian, over 85 percent of companies have a data breach preparedness plan in place, up sharply from 61 percent in 2013. However, almost 40 percent confessed that they rarely reviewed or updated their plans and 29 percent have never done so since implementation.

Business continuity planning is no longer merely a smart strategy, but a necessity. No matter how small or large your company is, it's vulnerable to an attack even when you think you've covered all your bases.

This is what makes Instant Business Recovery an invaluable tool. A one-click resolution to IT chaos and confusion, IBR can help you keep your company up and running when servers fail. It's an added layer of support that can put your firm one step ahead when the going gets tough.

How 2016 has quietly been a major year for disasters

It's safe to say that most businesses in the U.S. made it through the summer of 2016 without incident. To these organizations, congratulations are in order. Next time, they may not be so fortunate, which is reason enough to establish a disaster recovery plan, but also because major disasters seem to be on the rise again after a lengthy stretch of limited activity, according to newly released data from the National Oceanic and Atmospheric Administration.

Between May 1 and Aug. 30, there were four violent weather happenings that resulted in at least $1 billion in damage estimates, NOAA recently documented. The first occurred in May when tornadoes tore through portions of the plains and central U.S. Less than a month later, West Virginia experienced massive flooding that displaced thousands of homeowners and businesses, resulting in losses in excess of $1 billion. Severe weather also ripped through the Mountain West and Northeast in July, and the Gulf Coast closed out the troublesome trend with $10 billion in damages mid-August after flooding not only rivaled, but surpassed Hurricane Katrina's impact.

One dozen billion-dollar disasters thus far
With more than two months remaining in the year, 12 billion-dollar weather disasters have taken place in 2016, killing 68 people and causing damages of close to $27 billion, NOAA reported. The even dozen represents the second-largest number of environmental disasters over a nine-month period and is the new record for inland flooding events within a calendar year.

Hurricane activity tends to increase in the closing months of the hurricane season. Over the past decade, not a single Category 3 storm has hit the U.S. mainland. The National Hurricane Center defines hurricanes as "major" if they have sustained gusts of at least 111 miles per hour, as this speed is forceful enough to destroy homes and businesses, even uproot trees.

At its peak, Hurricane Matthew was a Category 5, but by the time it reached the Atlantic coast, it was downgraded to a Category 1. Regardless, it was the second hurricane to hit the Gulf since Hermine, which happened in September. Before that, the most recent one to affect Florida was in 2005 when Wilma roared ashore shortly after Katrina.

Well over a million homes and businesses were without power when Matthew hit the region, leading to storm surge levels nearly 10 feet above what is typical, according to The Weather Channel.

Louis Uccellini, director of the U.S. National Weather Service, told The Associated Press that the extreme theme has hopefully raised alarm bells for property owners who are improperly prepared.

"It is representing I think a notch up for the impacts we have had to deal with," Uccellini explained, citing other major environmental disasters that have occurred in the Far East, such as Typhoon Nepartak that was responsible for over 100 deaths throughout Asia.

Hermine hit Florida this year, the first hurricane to make landfall in the state since 2005. Hermine hit Florida this year, the first hurricane to make landfall in the state since 2005.

Florida back in Mother Nature's crosshairs
Climatologists have maintained that the dearth of tropical weather events prior to 2016 has been abnormal and should not be considered the rule. Gulf Coast residents and businesses may want to redouble their efforts to prepare for what Mother Nature churns up henceforth. This is particularly true for Floridians, warned Adam Podlaha, who heads the catastrophe modeling firm Impact Forecasting.

"After more than a decade without a landfalling hurricane, Hermine has highlighted the potential risks faced by the state of Florida," Podlaha said. "The past 11 years have been unusually inactive for the state, but it was a matter of time before it was faced with a landfalling event given the state's longer-term historical trends."

He added that with coastal populations on the rise, there's never been a more important time for property owners to prepare for worst-case scenarios and realize that their nearness to the ocean makes increases their vulnerability to flooding and other violent weather developments.

The experts at Continuity Centers can outfit businesses with the reinforcements they need to stay up and running when Mother Nature throws them a curveball. Weather by definition is changeable, but with a disaster recovery plan in place, business owners can implement a system of predictability that's needed for normalcy inside when the reality is anything but outside.

Employees frequently responsible for malware nightmares, study suggests

Multi-millionaire and small-business entrepreneur Marcus Lemonis' formula for a high-functioning business is a combination of people, process and product. The individuals who comprise an organization might very well be linchpin that enable it to thrive, which is why any continuity planning solution must always be mindful of its members.

At the same time, though, these same people can be responsible for a company's misfortunes, as employees frequently – though often times unwittingly – allow crippling viruses to tarnish networks and compromise highly sensitive data.

Do workers have too much access?
Computer viruses come in a variety of forms, including phishing and malware, just to name two. It's the latter type that are on an exponential rise, according to the FBI. In a recent survey conducted by software technologies firm Varonis, employee negligence is one of the leading reasons for why breaches happen, two times more likely than other common causes, chief among them external threats. Many of these security breakdowns stem from employees mistakenly downloading or opening links that were corrupted.

The poll queried over 3,000 employees in the United States and Western Europe, including Germany, France and the United Kingdom. Included among the participants were IT experts who specialized in data privacy.

Larry Ponemon, founder and chairman of the eponymously named Ponemon Institute, indicated that business owners all too often sacrifice security for convenience, providing an inadvisably large number of employees with privileges that can lead to innocent mistakes, or worse, actions that were premeditated.  

"This survey raises key points as to why hackers are able to maximize impact – too many employees have too much access, beyond what they need to do their jobs," Ponemon explained. "On top of this, when employees access valuable data and their activity is not tracked or audited, it becomes far too easy for an external hacker or a rogue insider to get away unnoticed."

There are a number of ways that malware can infest networks. Several studies have found that among the most common entry points for damaging breaches is via email, but the Varonis poll revealed only 1 in 4 organizations monitor incoming and outgoing electronic correspondences, whether employees or third-parties.  

Firewalls are often unable to block malware from causing chaos. Firewalls, which are typically highly effective security checkpoints, are often unable to block malware from causing chaos.

FBI has warned about malware's rapid rise
Malware has garnered the attention of law enforcement officials. Earlier this year, the FBI revealed that these attacks have resulted in more than $200 million in losses for businesses and consumers through the first quarter of 2016, according to CNN. Yet despite this reality, less than 33 percent of information security professionals in a recent Tripwire survey said that their companies would be able to recover after an attack.

Talk to any internet security expert and they'll tell you that these kinds of breaches are impossible to stop entirely, especially for businesses that have hundreds of employees all interacting with servers, links and downloads both during and after operating hours. But recovery is possible. The experts and Continuity Centers have custom-built work environments that employees can use when locked out of a network. Continuity Centers also offers a recovery program that's aptly named Instant Business Recovery. In minutes – not hours – frameworks that were once offline are back online. IBC services are available wherever data is maintained – be it on site or in the cloud.

Workers dangerously unprepared for an emergency, poll suggests

The average American spends more than a third of his or her day on the job. After factoring in traffic, not to mention company title – like business owner or executive – the amount of time engaged in work-related functions is a lot higher, as responsibilities can take awhile to finish.

As a result, were an urgent situation to take place, there's always the possibility that it could happen during business hours. But in what may come as an unsettling piece of news to company management, a fairly high percentage of workers admit that they would be at a loss for what to do if at the office and there was an emergency, a recent poll found.

1 in 4 workers unprepared for emergency
Almost 25 percent of employers indicate that they wouldn't know what to do or where to go if there were working and their physical safety was on the line, according to a survey conducted by employment search engine CareerBuilder. More specifically, almost 1 in 3 – 30 percent – said they weren't confident about their workplace having the resources needed to protect workers from individuals who posed a threat, as well as risks emanating from the internet.

Rosemary Haefner, chief of human resources at CareerBuilder, indicated that feeling safe and secure is every bit as fundamental to a workplace as the equipment that employees work on and use.

"Ensuring a safe and secure work environment should be of the utmost importance in any workplace," Haefner explained. "Keeping employees protected means not only putting measures in place to keep them safe, but making sure employees are aware of the policies and procedures they can protect themselves, too."

It's these very procedures that a number of workers aren't certain that they know. Over 1 in 5 of respondents to the CareerBuilder survey said their employers had never gone over what the protocol was if a fire were to take place and over 1 in 4 – 26 percent – said the same about natural disasters, such as hurricanes, tornadoes or some other type of environmental catastrophe.

Business owners who prioritize continuity planning are more likely to have the systems in place that enable staff to maintain normalcy when circumstances are anything but. Additionally, tenured employees – who have been working for the same company over a number of years – may also have a better idea of what they should do when there's an emergency. However, it's often a different story for people who are new to the profession or companies that have only recently opened. According to a recent survey conducted by the U.S. Census Bureau, approximately 482,000 businesses currently in operation have been up and running for two years or fewer. That accounts for nearly 10 percent of all employers with staff.

Business owners may need to reemphasize why 'Safety First' is no mere motto - but a credo. Business owners may need to reemphasize why 'Safety First' is no mere motto – but a credo.

Important though productivity may be, no one can deny that the motto "Safety First" takes priority. Nevertheless, many workers in a variety of industries believe that the reverse is true – that productivity usurps safety. In a survey done by the National Safety Council, over 60 percent of workers in the construction industry felt as though finishing tasks was more important than their physical well-being and slightly more than 50 percent in both the agricultural and forestry professions felt the same way.

"Every employee deserves a safe workplace, said Deborah Hersman, NSC president and CEO. "While some of our findings were encouraging, others were a stark reminder of how far we still have to go to ensure safety is every employer's highest priority."

Basic tips on emergency planning
A variety of emergency planning resources can be found online. One of the more comprehensive ones is made available by the Occupational Safety and Health Administration, which is overseen by the U.S. Department of Labor. The information includes what qualifies as a workplace emergency, as well as what action plants should be taken. OSHA also details when an evacuation should be implemented, along with tips on the best access points to exit besides the doors and the most ideal areas for everyone to meet.

The Insurance Institute for Business & Home Safety has similar online resources that help with the human element of crisis planning, where employees can learn what's required of them before, during and after an emergency happens.

The hope is that urgent situations won't ever occur, but with climate experts saying that extreme weather is the new normal, it's smart to expect the unexpected. Continuity Centers has the tools and resources that can help business owners and their staff pick up where they left off through our Workgroup Diversified strategy. Regardless of the circumstances, our geographic footprint enables us to get entrepreneurs the systems and infrastructure they need so they don't miss a beat when Mother Nature takes an ugly turn.