Is your business secure in a hosted world?

Threats to the security of business data are constantly growing and evolving - what can you do to ensure your data remains secure?

Contents
Introduction
The growth of security threats
What are the realities and perceived risks?
Will cloud solutions work for my business?
Steps to take to protect your data:
  Identify your data protection and security policies
  Know who is accessing your data
  What data requires protection?
  Data liability and contractual issues
  What devices are being used to access your data and applications?
  Application security
  Don't forget physical and personnel security
  Continuous improvement and planning for the future
What next?

Introduction

The safe use of computer technology, whether on a personal machine, a work-based network or a cloud offering, is currently a hot topic for businesses and governments across the globe. Problems can arise when criminals use new technologies to facilitate old-style crimes, such as fraud and deception, or newer crimes, such as stealing data or locking access until a fee is paid to the perpetrator, often called ransomware.

The complexity and volume of cyber-crimes continue to grow, and with many small and medium sized businesses unaware of the various threats they face, it is becoming increasingly important for this issue to be raised and discussed. As an example, hacking has evolved from simply being the activity of a small number of very technical but misguided individuals developing their IT skills to an increasingly mature industry, where technical skills and data can be purchased by criminal gangs to perform systematic attacks.
The growth of security threats

The UK government has released some startling figures on the threat to internet security, highlighting some significant areas of growth:

Phishing: This is the process of attempting to get an individual to provide personal or business information through a scam request for data. This may be through a personalised message that appears to be from a trusted organisation, such as a bank, charity or school.
Spam or Junk Email: The most common type of spam detected in 2008 was related to internet- or computer-related goods and services, which made up 24% of all detected spam. Whilst spam messages can often be for legitimate products and services, they are frequently used for phishing or for selling fake or illegal goods. This type of email is also often used as the delivery mechanism for malware and viruses.

In addition to email threats, there are also potential issues around providing secure access to personal and business data. At a personal level, data theft can lead to identity fraud and unwanted attention; at a business level, loss of data could mean loss of sales, customer loyalty and system downtime.

When asked, SMEs will often say they believe that cloud-based technologies are likely to be less secure than their in-house systems. The reality is that small business owners commonly cut corners: not updating their software on a frequent basis, having older and less secure products, not backing up data correctly or simply not understanding the full range of security risks out there. In a hosted world, small business owners can place such responsibilities with the supplier of cloud-based solutions, who should ensure their product security via relevant updates and routine back-ups. Top-level providers can generally show their security procedures and proficiency in this area and may even have some degree of certification.

The current drive to use technology to provide flexible access via mobile devices, such as tablets and smartphones, and the ability to work from home or on the go can create issues with security. With enhanced flexibility comes an extra level of complexity, where multiple access points to data need protecting, rather than the traditional on-premise alternative of just logging into the company network.

Will cloud solutions work for my business?
Today, one of the areas that many small and medium sized companies are considering is how much of their technology should be based in-house and which elements can be moved to a hosted or cloud-based environment.

As businesses evaluate cloud-based solutions they begin to understand why there has been so much hype. These solutions are typically based in a central data centre with robust facilities including multiple data links, duplicate or mirrored sites, cooling plants, monster-sized uninterruptible power supplies and their own power generation equipment. They are replicated to multiple servers, backed up routinely and have built-in redundancy. No typical small or medium sized business could dream of having this level of technology themselves, and therefore cannot provide wherever, whenever access with the same high level of security and data privacy.

Some of the advantages

Payment: Companies generally pay on a monthly or quarterly basis for cloud applications. This can save firms money on capital budgets and makes payment easier and more predictable.

Data security: Cloud solutions can offer an unprecedented level of physical protection against fire, flood, data theft and other concerns.

Data storage: You can store more data using a cloud solution than you could on your own servers, and the storage capacity is easy to increase as required.

Infrastructure maintenance: Hardware, software and security upgrades are done for you by knowledgeable staff, meaning you always have the latest and most secure technology included in the fees.

Despite their advantages, cloud-based solutions still make some companies feel a little uncomfortable, though in reality this is because they make us think about our data in a different way, not because our data is any less safe.

Steps to take to protect your data

Regardless of whether you decide to use an on-premise or hosted solution, there are some key areas you should review from a data security standpoint.

The first aspect of any project is to create a plan. In terms of data security, this can mean an initial review of what technologies you have running within your business, whether there are cloud-based alternatives available and what the relative merits of these solutions may be, versus what you have in place already. A movement to cloud-based technologies will mean a transfer of trust from your own internal IT team to an external provider, who you may not know or who has simply been referred by a third party.

A data security plan should seek to cover the following points:

1. Identify your data protection and security policies

Review your existing data protection and security policies, because if you currently store your data within your organisation, you probably sleep at night with the knowledge you have firewalls and security intelligence protecting your data. However, moving your data or infrastructure into the cloud can introduce new risks.
It is important to be aware of the potential risks and update data protection and security policies accordingly to reduce exposure. As a business, investigate the options for advanced data security systems that offer an early warning system, render content unusable based on access trends, and provide data usage logs that monitor your cloud environment. Look at separating IT duties or responsibilities within your business, with a team dedicated to data security.
2. Know who is accessing your data and how

Audit your employees: who is accessing your data and applications, and how, when and for what purpose they are being accessed. This will also provide you with a pre-cloud view of data access and usage, which can be used by your service provider to build a security model based around your requirements.

Building an understanding or profile of how different individuals in different roles use data and applications will enable you to set different levels of access depending on the information. Employees should obviously have access to data where it is necessary to do their job, but this should be looked at in a wider context. It usually isn't a requirement to provide blanket access to everything for every user.

3. What data requires protection?

Review your data composition and how the data is stored, and develop a risk-based approach to different data sets, according to the value of the data being held.

Ensure you consider your legal and compliance requirements relating to the different data held. For example, medical data requires a greater level of protection than your weekly online grocery shop.

Confirm with your service provider the restriction of access to sensitive management tools which may allow someone to migrate or back up valued data. In addition, ensure any images captured by data migration tools are protected with the same level of security as your most sensitive data.

4. Data liability and contractual issues

Once you have determined what data requires what level of protection and who can have access to it, the next step is to use this information to negotiate terms around liability regarding data loss, manipulation or theft, which will be resolved between yourself and your cloud provider. This must include an agreement on intellectual property rights to your data or software and an outlined end-of-service process.
Plus, you can also request a service level agreement to be written into your contract, with financial consequences if your cloud provider fails to meet your performance indicators.

5. What devices are being used to access your data and applications?

With today's mobile lifestyle, to remain competitive, businesses must adopt a work-anywhere attitude by offering access to data and applications outside the physical office, which is often facilitated through a Bring Your Own Device (BYOD) model.

Though a necessity for many business types, anywhere access can significantly increase the potential security risks, especially if employees are using their own mobile devices for work purposes. Therefore, it is vital to extend your cloud security measures to all devices used to access your cloud.

Start by avoiding the installation of business-critical apps on employees' mobile devices, instead providing access via a web-based solution on a secure, centrally managed server in a data centre. This ensures that if an employee leaves the organisation, access to data and applications is immediately deactivated.

6. Application security

This area covers any aspect of how an application is deployed and maintained. Some examples are as follows:

Firewalls are devices, or software, that act as an electronic barrier between your systems and the outside world; they prevent unwanted access to a network. If you have your own equipment, ensure that this is kept up-to-date and that any security policies are still valid when you change anything on the network.

Anti-Virus products typically protect a device or operating system against outside threats; however, they do need to be updated constantly and for a business, this can be a real headache. This area is usually well covered by data centre provision, but it's important to confirm the extent of this provision in the contract.

Data Encryption software is used to encrypt data as it is transferred across the internet or a network; generally, this is built in if you are using a line of business application such as CRM. However, if you are moving confidential documents such as contracts around through email or via file transfer, it could be worthwhile considering whether an encryption product should be employed. Unencrypted data could be picked up in transit on an unsecure internet connection such as a Wi-Fi hotspot.

7. Don't forget physical and personnel security

Power Supply Redundancy: Uninterruptible power supplies and backup power generators are typical in data centres, so it's a necessity to compare what your business currently utilises to what providers can offer.

Internet Connectivity: Do you use a single connection or is there a level of duplication available? What is the service level provided? Can you access data via 3G/4G or an alternative Wi-Fi network if your primary access method fails? It's important to ask such questions when considering your requirement, and if you are planning to use a cloud service, be sure to check any additional bandwidth you may require in order to run an application: there could be a hidden additional cost.

Hardware Provision: Data centres will usually mirror or copy hardware to a duplicate set, which keeps downtime to a minimum in the event of a failure.
Fire, Flood or Theft: Ask vital questions, such as: How does your data centre sit in relation to flooding risk? Is your insurance up-to-date and what is your contingency if your own servers are stolen or damaged? How does a data centre protect the building out of hours, and what physical security is in place? It is usually best not to assume anything, but to get written confirmation from any providers you use.

8. Continuous improvement and planning for the future

A professional cloud provider should be able to provide a roadmap of the continual development and evolution of their service offering. This could include plans for new hardware, power sources, management systems or certification.

If you are running your own systems, be sure to have a continuous plan to upgrade old equipment and software. This should be combined with routine checks that the access rights of old users have been removed and that agreed levels of security for users still adhere to your standards.

Nominate one or more individuals with the responsibility for data security in your business and ensure they are trained to do the job.

Visit our website or call +44 (0)845 555 99 55 for more information on what Maximizer CRM can do for you.

What next?

Discover the best option for your business by downloading our interactive Cloud or On-premise ebook and assess and evaluate cloud-based and on-premise CRM, to ensure you avoid the pitfalls of choosing an unsuitable deployment type for your needs.
About Maximizer Software

Maximizer Software delivers Customer Relationship Management (CRM) software and professional services to meet the needs, budgets and access requirements of entrepreneurs, small and medium businesses and divisions of large enterprises. Simple, easy to use and affordable, Maximizer CRM enables companies to mobilise their workforces through all-access web, smart phone, tablet and desktop delivery methods. Easily configurable for organisations in any industry, Maximizer CRM optimises sales processes, enhances marketing initiatives and improves customer service to ultimately boost productivity and revenue. With headquarters in Canada and offices and business partners worldwide, Maximizer Software has sold over one million licences to more than 120,000 customers since 1987.

Why Maximizer CRM?

Maximizer CRM helps small and medium-sized businesses maximize their marketing, sales, customer satisfaction capabilities and enhance their productivity and efficiency through the optimisation of what resources they have.

Simple & quick to deploy, use and maintain
Flexible access options through web, desktop and mobile devices
Value for money with low total cost of ownership and monthly subscription models
Expertise as a leader in pioneering CRM development, with more than 20 years' experience

Visit www.max.co.uk for:

A test drive of the latest release
Information on how CRM can support your role
Tools and ebooks
Resources and information on Cloud based CRM
An overview of technology and features
Online demos and features
White papers and webinars on CRM best practices