How to find and stay on top of your company’s sensitive data.

How to find and stay on top of your company’s sensitive data.

With so much data being stored by your company, how can you prevent the most sensitive details leaking?

The digital age means that businesses are collecting, and storing, more data than ever before. And it’s getting bigger too; the majority of UK companies calculate the volume of data held increases by an average of 27% per year.

But the challenge of data storage is more than simply finding enough space to hold it all. Your business is also responsible for protecting it from loss – particularly when it comes to sensitive personal information about your customers and employees.

What sensitive data do you actually have?

Using services like G Suite, SMEs have improved their data storage practices. In theory, everything is being stored in one place securely – the Cloud.

Unfortunately, nothing is that simple. Employees have a nasty habit of copying data and storing duplicate files outside the Cloud. Just think about the average laptop user – how many files do they have saved to their desktop, or in the “My Documents” folder on the local system. When was the last time you cleared out your Downloads folder?

These duplicates present two problems. First, because these files are stored outside the central system, you probably don’t even know they exist. Second, you don’t know what the files are, let alone whether they contain sensitive data.

And as the amount of data increases, the task of discovering these details becomes even harder.

Risk Intelligence – discovering what you have

To help overcome the challenge of uncovering the data you have, Kimbley IT has introduced a new Risk Intelligence service.

Our team will scan your entire network to create a report that shows you where data is being held, allowing you to take action to prevent its loss. The report also reveals the type of data being held – like credit card numbers and personal addresses – allowing you to accurately calculate the risk should it be stolen or exposed. We can even attach a financial value so you can see exactly what the impact on your business would be if your defences are compromised.

Remember that when the General Data Protection Regulations (GDPR) come into force in May next year, losing personal data could attract a fine of up to 4% of your global turnover.

Regain control of your data

Armed with the Risk Intelligence by Kimbley IT report, you will have a clear action plan that allows you to regain control of your data estate. You can arrange for the most sensitive data to be moved back to the correct location immediately for instance.

With this new insight on how your business is mismanaging data, you will be able to build an acceptable use policy and procedures for your employees to follow, so that data is stored in the correct locations.

The report also exposes flaws in your security provisions, like PCs that are missing critical security patches for instance. You (or your IT support provider) can then create a plan to ensure that the relevant software patches are installed and maintained, further reducing the risk of your systems being compromised by cybercriminals.

What you should do next

Your business simply cannot afford to leak personal information. Apart from the enormous fines attached to the GDPR, 58 percent of customers have said they’d avoid a provider that has recently experienced a data or security breach.

Faced by enormous fines and the potential loss of half your customer base, can you really afford to not know where all your data is stored?

To learn more about Risk Intelligence by Kimbley IT, or the dangers of storing data insecurely, please get in touch.

Webinar: What is Ransomware? And how do I protect against it?

Webinar: What is Ransomware? And how do I protect against it?

Recently, we hosted a webinar on what Ransomware is and how to protect your business against it. If you missed the webinar or would like to re-watch it; here is a recording of the webinar.

Watch the 2017 Google I/O  Keynote

Watch the 2017 Google I/O Keynote

Yesterday, Google's annual developer conference kicked off. The opening Keynote is the highlight of the three-day event. 

As a Google Partner; every year at Kimbley IT, we run a viewing party where everyone in the business gets on a group hangout where we (and invited partners) watch and discuss the announcements live.

Here is the full Keynote from this year's Google I/O.

How to Create Supplier Scorecards with Google Sheets

How to Create Supplier Scorecards with Google Sheets

Measuring suppliers, agencies, and freelancers can be a challenge, especially across teams. With the help of this business process from the G Suite Transformation Gallery you can keep these records in one place for each supplier.

Need to move on? Here is how to end your support agreement.

Need to move on? Here is how to end your support agreement.

It is always sad (we think) when a client wants to move on (so far none have), but it is your choice. We’ve tried to made really easy for you to collect your business data and leave. It would be super if you got in touch you might find a reason to stay.

So, how do you go about leaving?

Once your minimum term has expired (you can find this information on your service agreement) all you need to do is give us around 30 days notice that you want to leave. This is so loose ends can be tied up and so that you have time to download your business data or transfer to another support provider. Here is a list of some of the best IT Support providers in Birmingham

To get your G Suite business data you need to use the Google Takeout service. If you are moving to another Google Cloud Partner you will need to generate a transfer token. This can be done by a super administrator on your domain.  The last step is to uninstall all the Kimbley IT agents on your devices; laptops, desktops and mobile devices.

Finally, we hope everything goes well with your new support provider. And, if things don’t work out for some reason get back in touch.

Ransomware is about to get a whole lot worse!

Ransomware is about to get a whole lot worse!

Your backups protect against ransomware attacks – but the game is about to change again.

These days, data is the lifeblood of every organisation. If you lose access to that information, your business is in serious trouble.

All of this helps to explain the success of ransomware, a type of computer virus that permanently encrypts files unless you pay for the relevant decryption key. Although no one wants to pay a ransom, the fear of being left without data leaves few options.

Businesses get smart(er)

One of the few upsides to the current ransomware epidemic has been an increased understanding of the importance of a solid backup regime. Some businesses are finally investing in the tools and processes needed to protect their data from loss or corruption. Unfortunately, the majority of SMEs are still under-prepared, under-estimating the value of their data, and assuming the worst will never happen to them. 

For well-prepared businesses, ransomware isn’t as terrifying as when infections were first discovered. They can simply restore their data from backup, and be up-and-running again in a matter of hours. Those SMEs lacking a proper data backup solution stand to lose a lot more.

Everything changes. Again.

Just like computer technology itself, cybercrime and malware techniques are constantly evolving. Every time IT security specialists develop a fix, criminals hit back with some other tool or hack, designed to keep money flowing into their pockets.

Ransomware is very lucrative – one cyber security specialist estimates individual criminals can net an average of $90,000 per year. But as businesses and individuals get better at dealing with infections, these hackers are seeing their income fall – so they will have to try something different.

The future of ransomware - your data published online.

In future, cybercrime will continue to revolve around stealing your data for profit. The method of ransom will change though. Instead of demanding cash for encryption keys, expect to see criminals secretly upload copies of your data and then threaten to sell data to your less scrupulous competitors – or more likely release it online where anyone can help themselves to your intellectual property, business information, employees and customer private details that you were entrusted to keep safe.

Exposing your data in this way threatens your operations, your profits and will destroy your business brand and reputation. Worse still, your backup regime cannot cope with this new strategy – once published online, there’s nothing you can do to reclaim that information or to stop other people copying and downloading it.

An even bigger problem awaits corporate ransomware victims

Should hackers expose the personal data held by your business, you could be in serious trouble with the Information Commissioner’s Office too. And as the new GDPR regulations come into force, the penalties associated are set to become a whole lot harsher.

Faced with a fine of up to 4% of your total annual global turnover, or a multi-thousand-pound ransom, most will choose to pay the criminals.

Rather than putting cash aside to pay ransoms, however, your business needs to be implementing security provisions and risk intelligence reporting to help keep the hackers out – otherwise, you could be in breach of the GDPR. Should the worst happen and your defences are breached, you can prove your efforts to meet GDPR requirements – and help to minimise any fines you may face.

The sad fact is that ransomware methods may change, but businesses will continue to fall victim to the criminals.

For more help and advice on meeting the challenges of the ransomware threat, please get in touch.