disgruntled employees

Bring Your Own Device vs. Enterprise Devices

April 20, 2019 by securewebsite

Why Businesses Should Make the Investment for Employees

Mobility has become a major asset for modern businesses. It gives companies an edge when employees can work from anywhere with remote access on any device ranging from a cell phone, tablet, smartwatch, or laptop. Mobile technology has enabled unsurpassed flexibility in the workplace the likes of which the world has never seen before.

But as Spiderman’s Uncle Ben said, “With great power comes great responsibility.” When it comes to mobile devices, many business leaders wonder which is better: Allowing employees to bring their own devices to work or dropping the money to provide enterprise devices to all employees.

The Advancement of Technology

The development of the smartphone has shifted the way people communicate on a daily basis. In a recent survey conducted by Zinwave, “Over 85 percent of respondents, which included more than 1,000 office workers within the United States, utilize their cell phones on a weekly basis, at a minimum, for external communications, and usage was only slightly lower for internal communications.”

Not only do modern workers use their phones for voice capabilities (i.e. phone calls), but they use email through their phones as a prime form of communication. The aforementioned Zinwave study found email was the preferred means of external and internal communication for people while they are at work.

The ability to access the internet, company information, and messaging services (text) has made smartphones and tablets a necessity when it comes to productivity in modern business. “For example, 65 percent of industrial and 62 percent of healthcare workers utilize work-related data daily for a variety of applications,” according to Zinwave.

Technology has removed boundaries, improved flexibility, and enhanced communications with lower overhead costs. It can be tailored to the user experience and specific needs of any business. Mobile technology has even allowed organizations to increase their revenue potential.

“In our information-rich society, there are two critical types of interactions that must be fostered: employee empowerment and customer engagement,” according to the blog “6 Ways Mobility Can Transform the Workplace” by iOffice. “For many, mobility has become the backbone of their interactive strategy.”

The BYOD Market

According to an online article at GlobeNewswire, the U.S. BYOD market size was $30 billion in 2014 and is expected to grow 15 percent by 2022.

“Declining hardware prices, increasing mobile user workforce, and high smartphone penetration are the factors responsible for increasing BYOD market share across the region,” according to the article, which sourced BYOD research by Global Market Insights. “Increasing personal technology along with IT consumerization is also expected to boost the industry.”

While the popularity and benefits of mobile devices speak for themselves, business leaders must consider whether to allow BYOD or provide the devices for employees. Traditionally, BYOD was a highly accepted practice. Recently, there has been a move to corporate owned, personally enabled devices (COPE), the practice of organizations providing employees with mobile devices due to concerns over security, IT compatibility, and legal issues over user privacy versus company control.

At ORAM Corporate Advisors, our recommendation for mobile device management is that every employee should have a corporate-owned device. With an enterprise device, you can manage all of the security, firmware upgrades, software applications, and tracking your employees require to do their job. Additionally, COPE offers many other benefits.

Providing Mobile Devices

When your business owns the line of service for its devices, it has more control. You get to select the devices you prefer your employees to use rather than paying for and having the headache of supporting all device types. Additionally, you get to keep your devices up to date so you aren’t forced to make your network support older devices.

Protecting Your Assets

A study from Wall Street Journal Custom Studios commissioned by Symantec, showed “79 percent of employees admit to engaging in risky behaviors- intentionally or unintentionally- that place corporate data at risk” and “48 percent of employees don’t think about security risks when transferring files or sharing documents over cloud-based services.”

With corporate devices, you’re protecting your business assets. If your business owns the devices employees use, you’re able to wipe them in case they are stolen or lost somehow. This can be done remotely and quickly for theft or loss to prevent personally identifiable information (PII), trade secrets, or other secret data from falling into the wrong hands.

If a device such as a smartphone is owned by the company, you can simply call the phone carrier and wipe the phone’s memory. You request this by stating, “I need access to X, Y, Z employee’s phone. Here are the records that we are authorized to do so.” If the phone is a BYOD that’s accessing the corporate information, your business doesn’t have that same ability. The employee owns access to the account and the functions of that device.

Easy Access & Support

The same is true of the ability to access data easily. This is important when every minute counts in business. Take a smartphone for example. If there are any files, emails, or different communications downloaded to a phone on a corporate account, you’re able to search and query that device on demand. This is an improvement over waiting for an employee to submit paperwork at the end of the month in their call log when you need information immediately.

In addition, employees who use COPE devices have support from your IT department. Employees’ personal devices may not be compatible with your business network which could cause functionality issues. With corporate-owned devices, employees can simply contact IT for assistance.

Regulatory Compliance

COPE devices allow a company to reduce their exposure to security risk as well as legal and human resource issues. With tighter control through COPE devices, your business can implement the security measures it needs to keep its data and network safe. Furthermore, litigation resulting from breaches, loss of data, and regulation non-compliance is reduced.

In a highly-regulated industry such as finance, your business will need to be able to report such instances of loss or theft against that device to regulatory agencies such as the Securities and Exchange Commission. This is especially important should your business be audited or examined by such an entity.

The Money Factor

You may be thinking that providing mobile devices such as phones, tablets, and laptops to your employees is not cost effective, but the fact is that it can be. First, consider that many organizations provide a stipend for employees who bring their own devices. That stipend in and of itself is a cost. If you’re going to have the cost regardless, you should have the control as well.

Group mobile plans are getting less expensive for businesses of all sizes and can be written off as a business expense on taxes at the end of each year. In addition, when it comes to tablets, laptops, and other mobile devices, organizations buy in bulk to get a better price which benefits both the business and the employee. Another option for reducing the cost is to set up a cost-sharing option for both the device and its use with your employees.

Finally, when it comes to keeping your business secure to avoid regulatory penalties for non-compliance, the potential for lost revenue, and easy access to data, the investment up front is worth the return. That sense of security is priceless for most business leaders who wish to avoid potential breaches, lost revenue, and issues that can be caused by disgruntled employees.

The Employee Factor

Consider your best salesperson. If they use their personal devices to access your business information such as sales logs, client contacts, and invoices, they have information that could potentially damage your business financially if they were to leave.

In addition, your salesperson likely gives your clients that personal mobile number so they can contact them if they need anything. If your salesperson were to leave the company, your clients would still call that salesperson who can then easily take your customers to their new company with them. This means a loss of revenue for your business.

Should an employee leave, your business gets to keep the phone number. This means their clients will still be contacting one of your employees at your business through the same phone number. This reduces the odds of lost revenue for your company.

Create Policy & Enforce It

Every business, especially those in highly-regulated industries, should create policies regarding BYOD. This is true regardless of whether you allow BYOD or employ COPE devices in your business. You need a very secure policy and the correct mobile device management in place. In addition, your policy should outline that only legitimate work will be conducted on these devices.

If you need assistance with BYOD or COPE devices, creating policy, or mobile device management, contact ORAM today at (617) 933-5060. Our IT and security experts are always here to help your business grow smart while reducing its risks

The Biggest Backup Mistakes Businesses Make

March 22, 2019 by securewebsite

Companies rely heavily on technology for their day-to-day operations – from customer service and ordering to manufacturing and accounting. Consider the technology, from hardware to software, your business uses to keep it moving forward every day. Now imagine what would happen if something went wrong and it stopped working. Whether a virus has paralyzed your operating system or a hacker has infiltrated your network, could you recover quickly to keep your business functioning? How will you recover lost data files crucial to your daily operations?

Disaster scenarios are not anomalies. Unfortunately, it happens on a regular basis and can have serious implications for businesses. This is why backup is so imperative to today’s business operations. While you may be thinking that you’re covered because your business has data backup, you might be surprised to know that this may not be functioning the way you think it is. There are several mistakes modern organizations make when it comes to data backup that every business owner should know about how to stay on top of their business backup.

Know What You Need

According to a piece in Small Business Trends online, more than half (58 percent) of small businesses are not prepared for a data loss. The article goes on to show that 140,000 hard drives fail in the U.S. each week. That’s right. Each week. Furthermore, it states that 60 percent of small to medium businesses that lose their data shut down within six months of the loss.

“On average, small companies lost over $100,000 per ransomware incident due to downtime,” according to an online article by CNN Business. “For one in six organizations, these attacks caused 25 hours or more of downtime.”

Businesses need to understand the massive impact system failures, regardless of the cause, can have on their operations. One of the first things business leaders should do to properly prepare their backup and disaster recovery (BDR) plan is ask themselves the following questions:

What data is mission critical to my business? Consider customer records, inventory, accounting, etc.
Where is that data stored, which systems run those applications, and how is it currently being backed up? Think about where business critical data is being stored, how often it is being backed up, and if your company regularly tests its backup systems.
How much data can my business afford to lose and how much downtime can it handle without long-term consequences? The answer to this question is your recovery time objective (RTO). How long can your business go without being able to process sales, manufacture products, provide services, pay employees, invoice clients, etc.? How quickly do you need to be able to rebound from such a disaster to prevent a loss of revenue, clients, and reputation?

The answers to these questions will help you outline the backup and disaster recovery needs specific to your business. Your IT manager should be able to answer all of these questions. If you don’t have an internal IT manager, a professional third-party IT vendor such as ORAM Corporate Advisors can help you formulate and implement a BDR plan that works for your business.

Cover Your Cloud

Another big mistake people make is not backing up what they have stored on the Cloud. The Cloud is not just some empty space where things are stored. It is actually a third-party storage option. In other words, instead of storing things on your own server, your things get stored on someone else’s server.

You need to ensure that you don’t forget to back up your Cloud email, storage, and files. I would not trust a third party to maintain that data for me. At ORAM, we recommend Backupify as a terrific back up option for everything you have on the Cloud.

Though you have stored all of this information on the Cloud, backing up that data is important for a variety of reasons. First, you may need to back up that information to meet industry standards or government regulations. You also want to be prepared in the event your business is attacked by a virus, ransomware, or other hack. Additionally, there are disasters that can unfold such as earthquakes, hurricanes, fires, and others that are beyond your control that can negatively impact your data. Internal threats such as disgruntled employees can compromise data that is imperative to your business as well by simply deleting it. Backing up your software as a service (SaaS) avoids, or at least reduces, the impact of such devastating crises.

Testing, Testing, Testing

One of the biggest backup mistakes people make is not testing their backup systems. Businesses will install applications or programs and let them go to work. They fail to define what exactly is being backed up and then they never test it.

For example, consider some of the online services businesses use such as Carbonite. Back in the day, Carbonite didn’t back up their QuickBooks files. People would install the software on their computers and think everything was backed up but, lo and behold, it wasn’t. Databases, like QuickBooks, were not getting backed up because the file was constantly in use by other software, therefore, they weren’t able to take a snapshot to back it up.

To date, some backup programs like Carbonite don’t backup everything you may need to have restored in the event of a disaster scenario. While some software is very good at backing up common files such as documents, photos, and spreadsheets, they can fail to backup less-common file types such as secondary files or files larger than 4GB. When it comes to backup, this could put a real damper on your business operations should the worst happen.

Backup testing should be fully automated so as not to pull human resources away from your business operations. The automated system should test backup and restoration services for the following:

Virtual Machines
Applications
Databases
Individual Files

Ideally, your automated backup testing should occur each time your system is completely backed up though this rarely happens. Backup testing should happen on a regular basis not only to ensure that backup is happening as it should but also that it can handle the additional data your company is creating as your business expands.

Additionally, testing should do more than just check that your data is being backed up. It should also test your recovery so you have information about the length of time you can expect to be down if your system is struck by disaster. This allows you to be specific with your clients, partners, and others about when they can expect your systems to be functional again rather than giving an arbitrary message that your system will be up and running again “soon.”

Backup Everything You Need

Another thing I would say is a backup mistake people make is not taking a full snapshot of their environment. As an example, for a long time people did file-based backup. They simply backed up the files on their computer. In reality, you don’t want to backup just the files on the computer.

Using an old-school analogy, you want to put the tape in the VCR and hit play. That’s what we call a snapshot. We say, “Ok. This device has failed. Let’s do a restore to a point in time and then we can just go from there.”

In the era of ransomware, crypto viruses, and other threats to business operations and data, you want your business to be able to be back up and running as fast as possible. Whether it’s a server or a computer, you need to be able to hit that VCR play button for a certain point in time. This allows the business or the person to move forward as fast as possible.

This environmental snapshot is important. Statistics from World Backup Day, which occurs on March 31 each year, shows one in 10 computers is infected with viruses each month yet 30 percent of people have never backed up their data. This statistic alone demonstrates the importance of having automated backup software such as Mozy working on a regular basis to protect your business.

How can these mistakes be avoided?

The best way to avoid these common business backup mistakes is to ensure you have proper procedures in place that meet the specific requirements of your business and that they are functioning properly. Confirm that your business network is backing up weekly and consistently test a full restore of your systems to ensure that everything is backing up, so you never have to worry. Check to ensure that your data is not only being backed up regularly and backing up everything, but be sure that your recovery plans are functioning smoothly as well.

Be sure to do your homework when looking for the best backup and recovery plan for your business. PC Magazine put together a piece in January, “The Best Cloud Backup Services for Businesses for 2019” with a full chart of backup software options in the Cloud. The chart compares various software with ratings for everything from price to encryption in transit and regulatory compliance.

Check with your internal IT manager or consult with a third-party IT vendor such as ORAM Corporate Advisors to make sure you have the right processes and procedures in place. This third-party consultant can also help you with regular testing to make sure your network is backing up as it should and that your recovery system is also functioning effectively and efficiently. They can make software recommendations based on the unique needs of your business. For many businesses across several industries, such testing can also achieve regulatory compliance requirements as well.

If you have questions about developing a backup and disaster recovery plan, implementing it, or for testing, please call the experts at ORAM at (617) 933-5060 or contact us online. Schedule your free initial consultation today to achieve your IT goals within your budget.