Category Archive for ‘Security’

Moving your business into the cloud allows your entire office to access your every application, every file, and business process as easily as before, if not better.

Running critical applications for RIAs

RIA Complete
Transforming Business

IVDesk has built a specific, specialized practice related to the RIA industry based on our expertise in installing and running critical applications RIAs rely on every day. This practical experience and deep understanding make us the leading IT partners in your industry.

Complete SEC Compliance

Moving all your IT to our virtualized platform allows IVDesk to manage and monitor all of your compliance systems, operations and audits.

Complete Reliability & Redundancy

Our unique technical infrastructure and system management make downtime a distant memory. Your systems, software and data are always available – 24/7/365.

Complete Security

Our maximum security offering provides 100% protection but allows you to ease restrictions to accommodate individual user permission, preferences and other parameters.
“We’ve wanted to make this move to IVDesk for a long time – and it couldn’t have gone better.”
– Andrea Stimmel,
Chief Compliance Officer
Mairs & Power

Complete Mobile Access

The ability to work from anywhere, anytime on any digital device is a key enhancement to productivity. No more VPNs and access struggles. All your current data and apps are right there with the same familiar look as your desktop!  Registered Investment Advisors are facing SEC compliance along with auditing and security risks like never before. Even the largest firms have found the challenges overwhelming. Until now!  IVDesk addresses all of your SEC compliance, auditing and security requirements through a robust, vertically-focused IT solution called RIA Complete. Created specifically for today’s most progressive investment and wealth management firms, our completely virtualized service transforms IT from a tactical expense into a strategic business driver.  In addition to thwarting hackers and improving overall security, RIA Complete also ensures that you can access your data securely no matter what platform you are on or your location.

All Your Current Applications – Available Anywhere

Our complete, virtualized approach to IT already includes over 800+ popular business applications and also accommodates your custom
solutions. Don’t see one of your apps in the list below? Ask us.

Critical Applications Vendor

Advent Portfolio Exchange (APX) – Advent Software
Axys – Advent Software
FactSet – Factset
Investment View – Thomson Reuters
Junxure – Junxure
Laserfiche – Laserfiche
MorningStar Office – MorningStar
Moxy – Advent Software
PortfolioCenter – Schwab
Pro Tracker – Pro Tracker Software
QuickBooks – Intuit
Revenue Center – Advent Software
Schwab Data Delivery – Schwab
Telemet – Orion Telemet

Other Applications Vendor

Assemblage – Trumpet Software
Attach Plus – Trumpet Software
BNA Income Tax Planner – BNA
ByAllAccounts (Cust Integrator) – MorningStar
Dimensional Returns 2 – Dimensional
FileZilla – FileZilla
Gifts – MicroEdge
Global Relay Archiving – Global Relay
iRebal – TD Ameritrade
LaserApp – LaserApp Software
LastPass – LastPass
Mindmapper – SimTech Systems
MorningStar Direct – MorningStar
Number Cruncher – Leimberg
PlanGuru – NewHorizon
Principia – MorningStar
Retirement Plan Analyzer – Brentmark
RoboForm – Siber Systems
Sage 50 (Peachtree) – Sage
Sage ACT Premium – Sage
Smarsh Archiving – Smarsh
TOTAL Planning Suite – Money Tree Software
TSScan – Terminal Works
Yearli – Greatland Corp

Let’s Talk.
Tell us about your current IT systems and let us show you
how our completely virtualized approach can work for you.  Contact KDS Systems for an easy, no-hassle assessment of your needs.

Beyond Business Continuity: How Backup and Disaster Recovery Benefits Your Business

Introduction

As small- and medium-sized businesses store more data on servers, business owners need to consider how they respond to everyday disruptions, such as hardware failures and server outages, as well as site-wide disasters such as fires, floods, earthquakes, and tornadoes.

These disruptions and disasters occur more often than many businesses might think. For example, even though many companies may not consider power outages to be serious concerns, a recent survey by power management fi m Eaton Electrical revealed that 37% of IT professionals “have suffered unplanned downtime due to power-related issues in the last 24 months,” with 32% of outages lasting longer than four hours.1 The downtime caused by these kinds of disasters can be devastating for organizations; a May 2013 study by the Aberdeen Group reported that the average cost to a business per hour of downtime is a whopping $8,580.2

Businesses that have a backup and disaster recovery solution in place are able to respond to disruptions within minutes or hours of an outage or disaster taking place. These businesses have a number of quick recovery options available to them to guard against the risks and costs associated with periods of downtime. However, beyond giving business owners a solution to outages and disasters, backup and disaster recovery services provide many more benefits to organizations.

This white paper explains how a backup and disaster recovery solution can help organizations avoid the high costs of downtime and preserve the bottom line.

Backup and Disaster Recovery Benefits

When downtime occurs the effects can be severe as companies lose access to important data, such as customer information, financial    data, and emails, for an extended period of time. With a backup and disaster recovery solution deployed, businesses can ensure they remain productive, maintain their clients’ trust, keep their commitments to customers and partners, keep up with the competition, and stay compliant with important regulations. Here are the key benefits that businesses gain from adopting a backup and disaster recovery solution:

Maintain employee productivity and the ability to generate revenue: Simply put, when organizations cannot conduct business as usual, they lose money. Taking orders, receiving and replying to important emails, and accessing important data are all activities that downtime can disrupt, leading to a financial drain on the firm. Backup and disaster recovery lets businesses remain productive by ensuring they can serve their customers and generate revenue, even after a major disruption or disaster.

Preserve reputation with customers and partners: Downtime can also have a severe effect on organizations when it comes to their reputation in the eyes of customers and partners. These reputational costs vary among different organizations, but in all cases they could be significant. For example, a critical hardware failure that leads to a day of downtime at a dentist’s office could lead to a loss of clients’ trust. Backup and disaster recovery ensures a business’ clients do not lose faith in the organization due to long periods of downtime.

Meet obligations with clients: Downtime could lead to the inability for businesses to meet certain contractual agreements or deadlines. For instance, if a CPA firm experiences downtime during tax season and cannot recover this data before the tax submission deadline, the client could sue the CPA firm for failing to render services. Backup and disaster recovery lets businesses meet critical deadlines, even if disaster strikes, so clients remain happy.

Prevent losing business to competition: Businesses that jeopardize their reputation due to downtime are likely to see customers take flight to competitors. As an example, if a law office experiences downtime or loses important documents, clients may question the fi m’s credibility and take their business elsewhere. The costs of acquiring new customers are astronomically high compared to the cost of merely retaining existing customers, so it is important that organizations do everything they can to reduce customer churn. Backup and disaster recovery ensures businesses do not lose business to a competitor due to downtime.

Ensure compliance with industry regulations: Aside from the long- term cost advantages of adopting a business continuity solution, backup and disaster recovery also helps SMBs remain compliant with important industry regulations and other legal requirements. Three of the most important laws governing the protection of digital data are the Health Insurance Portability and Accountability Act (HIPAA), the Sarbanes–Oxley Act (SOX), and the Gramm–Leach–Bliley Act (GLBA). Though these laws apply to different industries, all of them require businesses to closely safeguard and retain sensitive digital information, a requirement that backup and disaster recovery is designed for. Backup and disaster recovery ensures organizations do not have to worry about compliance violations and legal issues related to data preservation, so businesses can focus on generating revenue and making clients happy.

Conclusion

Businesses that need to recover their data quickly and reduce the high costs of downtime need a backup and disaster recovery solution. But the benefits of backup and disaster recovery extend beyond rapid data recovery. Organizations with a backup and disaster recovery solution are in the position to withstand everyday disruptions and catastrophic disasters and eliminate the harms that result from extended periods of downtime.

No matter how large or small an organization is, who its customers are, or which industries and sectors it participates in, backup and disaster recovery is an invaluable asset for any business owner. Call us today to learn how backup and disaster recovery can help your business succeed.

KDS works with your businesses to interact with computer technology in a secure and scalable manner. We bring real world perspective and focus on security, productivity, and mobility. Our insight is based on years of experience and your business’s current adoption of technology solutions within your computer network.

 

How Backup and Disaster Recovery Works

Backup and disaster recovery solutions periodically take a carbon-copy backup of servers, store those backups on a local appliance, and send those backups off-site to the cloud. These backups can be utilized in a number of ways. If the server stops functioning (e.g. if a motherboard short- circuits), the local appliance can act as a substitute server until the server is repaired. If the server is destroyed (e.g. the building burns down), the backups that are stored off-site can be downloaded, shipped, or recovered in the cloud. In either scenario, businesses are able to get back up and running quickly and efficiently.

Common Types of Outages and Disasters Organizations of all stripes experience a number of common outages and disasters. Here are a few examples of these disruptions:

  • o Outages
    • Hardware failure
    • Software failure
    • OS corruption
    • Cyber-attacks
    • Power outages
    • Power surges
  • Disasters o
    • Floods
    • Fires
    • Earthquakes
    • Hurricanes
    • Tornadoes
    • Land Shifts

The Dropbox Problem

Introduction

 

“As the BYOD trend continues, more and more businesses are faced with the growing reality of having their workforce go mobile and the potential associated security threats it poses for enterprises.”

– Melissa Lewelling, CRN, June 24, 2013

With over 300 million users, Dropbox is the market leader in cloud file sync applications. Unfortunately, what works for family photos is not appropriate for corporate files. Dropbox is risky business. Beyond the risks of data loss, data theft, data loss, corrupted data, lawsuits, compliance violations, loss of accountability, and loss of file access, there are inherent flaws in the service that make it unsuitable for a workplace environment.

Here are some little-known facts about Dropbox — six things to consider before adopting Dropbox in the workplace.

  • Dropbox is the No. 1 most commonly blacklisted app

In general, BYOD and the advent of mobile applications has made employees more productive. But when it comes to mobility, there are some applications that companies should avoid. In a survey by Fiberlink of over 4,500 corporate and employee devices, Dropbox was the No. 1 most blacklisted app on iOS and Android. Business owners and IT administrators are blacklisting Dropbox applications because the popular file sync service lacks the administrative control and oversight necessary to avoid data leakage risks. Rounding up the top five blacklisted apps were SugarSync, Box, Facebook, and Google Drive. [i]

  • Dropbox shares can be accessed by anyone

Sharing with Dropbox is easy. Protecting your files with Dropbox? Not so easy. When a user shares a file or folder, Dropbox generates a public URL that can be accessed by anyone, without any password enforcement. In a study conducted by Intralinks, these fully clickable URLs were used to access sensitive files, including tax returns, a mortgage application, bank information,

and personal photos. Intralinks also found evidence of intermingling of personal and corporate files. All of this begs the question: when you share files and folders with Dropbox, who are you actually sharing it with? [ii] [iii]

  • Dropbox only retains deleted files and revisions for 30 days

Business-class file sync services maintain a rich file and folder history so that companies may recall historical data, including deleted files and revisions. Moreover, retention of data is important for business that handle sensitive data and legally required for certain verticals. The Sarbanes-Oxley Act, the Federal Rules of Civil Procedures, tax laws, and other federal and local statues have distinct requirements for the retention of data. Dropbox’s decision to permanently remove deleted files and revisions after 30 days is inconvenient and puts businesses at risk of legal and compliant disputes. If Dropbox customers want to retain deleted files and revisions for more than 30 days, they are directed to download and pay for a third-party application. [iv] [v]

  • Dropbox uses a single encryption key

Encryption is the primary safeguard against hacking and security breaches. Unfortunately for Dropbox customers, the keys to encrypt and decrypt files are with Dropbox – not on each user’s machines. Worse yet, Dropbox uses a single encryption key for all customer’s data. This insecure architectural design prompted Christopher Sighoian, a prominent security researcher, to issue an FTC complaint against Dropbox in 2011. His complaint alleged that Dropbox puts users at risk of government searches, rogue Dropbox employees, and even companies trying to bring mass copyright-infringement suits. In light of these charges, Dropbox scrambled to change language that appeared on its website. But the facts remain: Dropbox does not provide a way for users to encrypt files before they are transmitted to the cloud, Dropbox employees have access and can see the contents of a user’s storage, and Dropbox has exposed its users to unnecessary risk of data theft by hackers, who if given the chance to break into the company’s servers, may be able to steal users’ data and the keys necessary for decryption. [vi] [vii]

  • Dropbox reviews your data to save costs

When a user uploads a file, Dropbox will review the data to see if it has been uploaded by a different user. If it has been uploaded before, Dropbox deduplication technology will point to the previously uploaded file, thus saving Dropbox from keeping two copies of the same file. According to Dark Reading (InformationWeek), “For starters, deduplication can make it easy for outsides to know what’s already on the Dropbox servers, since the website studies a file to see if it’s seen it before.” In sum, the deduplication technology imposed by Dropbox saves the company storage costs, but places your files at risk. [viii]

  • Dropbox does not guarantee uptime or offer live support

FAQs and Forums not good enough? Because Dropbox does not offer live support, you’ll have to fill out a form for someone to get back to you. In addition, Dropbox has experienced outages, downtime, and security breaches over the years, causing business users to reconsider the reliability of the service. According to ReadWrite, “(Dropbox) checkered history of security breaches may make it a tough sell in the enterprise,” including “a (2011) bug in the company’s authentication mechanism, allowing third parties to log into user accounts and access files,” and a 2012 breach that “allowed attackers to penetrate accounts used by Dropbox employees, including a document from which they may have been able to harvest email addresses…those email addresses were apparently used to send Dropbox users spam.” In March of this year, Dropbox suffered an outage which caused errors and rendered the desktop and mobile file sync feature useless. In light of these events, a lack of live support is only the beginning of service issues that Dropbox faces. [ix] [x] [xi] [xii]

Conclusion

As your trusted IT service provider, we promise to work with you to minimize these risks and support your file sync needs. eFolder Anchor is a business-ready cloud file sync service that we stand behind and guarantee.

eFolder Anchor – Secure Cloud File Sync

  • Access files from anywhere
  • Collaborate with ease
  • Share files securely
  • Control your data
  • Eliminate FTP and VPN

 

Call us to learn how file access can be easy, safe, and secure.

 

Phone: +1 (320) 281-7033

Email: support@kdssys.com

[i] TechRepublic, Will Kelly, “Top mobile security concerns: Blacklisted apps and password protection,” December 11, 2013

[ii] ReadWrite, Anthony Myers, “How Documents Stored On Box And Dropbox Could End Up On Google,” May 7, 2014

[iii] CollaboristaBlog, John Landy, “Your Sensitive Information Could Be at Risk: File Sync and Share Security Issue, May 6, 2014

[iv] Dropbox Help, “What happens to my old and deleted file versions?” accessed on May 12, 2014

[v] ASAE, The Center for Association Leadership, “Designing a Compliant Electronic Record-Retention Policy for Your Association, July 2007

[vi] Gizmodo, Adrian Covert, “Dropbox Told Us Our Files Were Encrypted and Private. Turns Out They Aren’t?,” May 13, 2011

[vii] WIRED, Ryan Singel, “Dropbox Lies to Users About Data Security, Complaint to FTC Alleges,” May 13, 2011

[viii] InformationWeek Dark Reading, Mathew J. Schwartz, “Dropbox Accused of Misleading Customers on Security,” April 16, 2011

[ix] ReadWrite, Mark Hachman, “Dropbox To Business: Never Mind The Breaches, Come Store Your Stuff With Us!,” April 10, 2013

[x] ZDNet, Zack Whittaker, “Dropbox hit by outage; file sync busted,” March 14, 2014

[xi] ZDNet, Ed Bott, “Dropbox gets hacked … again,” August 1, 2012

[xii] Dropbox Tech Blog, Akhil Gupta, “Outage post-mortem,” January 12, 2014

Hosted Desktop for Registered Investment Advisors – IVDesk Transforms Business

Registered Investment Advisors are facing SEC compliance along with auditing and security risks like never before. Even the largest firms have found the challenges overwhelming. Until now!

IVDesk addresses all of your SEC compliance, auditing and security requirements through a robust, vertically-focused IT solution called RIA Complete. Created specifically for today’s most progressive investment and wealth management firms, our completely virtualized service transforms IT from a tactical expense into a strategic business driver.

In addition to thwarting hackers and improving overall security, RIA Complete also ensures that you can access your data securely no matter what platform you are on or your location.

Key Benefits

IVDesk has built a specific, specialized practice related to the RIA industry based on our expertise in installing and running critical applications RIAs rely on every day. This practical experience and deep understanding make us the leading IT partners in your industry.
• Complete SEC Compliance
Moving all your IT to our virtualized platform allows IVDesk to manage and monitor all of your compliance systems, operations and audits.
• Complete Reliability & Redundancy
Our unique technical infrastructure and system management make downtime a distant memory. Your systems, software and data are always available – 24/7/365.
• Complete Security
Our maximum security offering provides 100% protection but allows you to ease restrictions to accommodate individual user permission, preferences and other parameters.
• Complete Mobile Access
The ability to work from anywhere, anytime on any digital device is a key enhancement to productivity. No more VPNs and access struggles. All your current data and apps are right there with the same familiar look as your desktop!

All Your Current Applications – Available Anywhere

Our complete, virtualized approach to IT already includes over 800+ popular business applications and also accommodates your custom solutions. Don’t see one of your apps in the list below? Ask us.

Critical Applications

Advent Portfolio Exchange (APX) Advent Software
Axys
FactSet
Investment View
Junxure
Laserfiche
MorningStar Office
Moxy
PortfolioCenter
Pro Tracker
QuickBooks Intuit
Revenue Center
Schwab Data Delivery
Telemet Orion

Vendor
Advent Software
Factset
Thomson Reuters
Junxure
Laserfiche
Advent Software
Schwab
Pro Tracker Software
Advent Software
Schwab
Telemet

Contact KDS Systems at 320.281.7033 to learn more about solving all of your SEC compliance, auditing and security requirements with IVDesk’s RIA Complete virtualized IT solution.

Data Protection – The Human Element

“Everyone is replaceable.” a business owner once sternly told me at a company I was working with. While highly applicable in the industrial age, how does this statement resonate in the our modern business world so heavily dependent on technology and knowledge workers? Regardless of industry, more and more our businesses are dependent on the organizational aspect of information storage and understanding processes and design of technology infrastructure systems. How do we ensure this information is protected, transferable, and easily interpreted by the “next in line”? Is it truly possible to document every granular detail of our systems design, and our daily operational processes? Does the result always resemble a “needle in the haystack” ominous mass totaling thousands of pages of mostly mundane filler with a few critical points buried here and there? Here are a few thoughts regarding the organization and management of your companies most crucial information, which from my experience far too many businesses leave in the minds of key employees.

Diagram
Flow diagrams and clearly stated configuration documentation remains the tried and true basis for all electronic systems. Whether network infrastructure or social marketing efforts; the ability to easily locate devices, providers, credentials; and decipher hierarchy of process flow is crucial. Imagine the reader is presented the information without basis, no predecessor to explain nuances. Is the information clear and accurate? A single piece of incomplete or obsolete information can take hours or days to correctly obtain.

Have a System – Business Management Software
Implementing business management systems take processes out of people’s head and information flow becomes tangible, systematic, repeatable, and less apt to be individually interpreted. Just because you know that an inventory list exists in a spreadsheet named MyWidgets.xls on the N:\ drive does not mean anyone else will intuitively locate that information. The days of adequately running your business from a massive shared folder hierarchy and homegrown spreadsheets are long behind us. The upcoming workforce expects processes to be clear, defined, and a benefit to their position rather than a cumbersome burden to carry or maintain. If you don’t have it, your competition does.

Real-time Interaction
Early electronic systems required A LOT of work to maintain. This generated many IT clichés such as “The data OUT is only as good as the data put IN…”. It also created fear for many business owners, thinking that in addition to investing into a system, they will need to increase staff just to manage the system. Mobile devices have turned these assumptions upside down. Forward thinking and well designed business management systems interact directly with our workforce processes. This means we collect our information directly from the source, not after the fact as an afterthought or documentation effort. Features and functionality of our business systems need to be inline with other technology selections and choices we are making. We want our systems to be and stay cohesive with each other, as incompatible components can wreak havoc to the overall flow of information.

Dashboard Decisions
Just as our vehicles dashboard is crucial to safe and consistent travel, the information provided by our management system becomes a living, breathing aspect of our business operations. Owners who once boasted a sixth sense of “gut-feel” are systematically outperformed by those who know the “real-deal” from information provided by our management systems. Systems that are able to combine sales and operational data give us new insight to how our business performs over the life of a customer, from the first time we meet them to the Nth repeat transaction.

Summary
This perspective is not provided to sell or promote any particular product. It is however intended to help when considering the cost vs. benefit of implementing yet another layer of technology into our digital ecosystem. Business management software undoubtedly increases the overall complexity of a businesses infrastructure. With it comes the risk of yet another security vulnerability and dependence on a software vendor. However it seems an undeniable necessity to todays expectations of productivity and accountability.

Will your company have a CDO by 2017?

CDO is becoming a vital role in many companies.  In 2012 Harvard Business Review named Chief Data Scientist as the ‘sexiest job of the 21st Century’, and Gartner has predicted that 25% of organizations will have a Chief Digital Officer by 2017.  Are these indications that business leaders of all shapes & sizes recognize that all things connect digitally?

A CDO provides vision and strategy for all data management activities and is responsible for digital quality control and managing digital vendor relationships across an organization. Metrics of this operation are reported on and provided to CEO/CFO/CIO to summarize clearly the health and benefit of digital systems that businesses depend on. CDO provides owners with the Big Picture.

The CDO is able to maximize quality of data and digital systems through continual root cause assessment as day to day issues arise. While employees encounter system crashes, errors and nuances directly; a CDO is able to identify patterns and commonalities across isolated incidents. This enables high level decisions and changes that PREVENT OR AVOID system and/or end-user errors that would have resulted in productivity loss and potentially bad data.

Standardization. The only way to manage the fast paced evolution of technology is though standardization of systems and policies in real-time. Staying in tune with a company’s vision, constraints, and culture is critical to leveraging technology as a tool rather than a hindrance. Lest we become buried in the bureaucracy of our digital systems.

Navigate and succeed in mastering unstructured data. Social media, email, transactional records, images, video, and media are very real aspects of any businesses digital day. But they don’t necessarily compute on a one-to-one basis very well. Understanding how to implement, manage, store, and report on very different technology models is crucial to a successful CDO and ultimately a company’s digital health.

Master of all things Digital. A CDO begins to shine as the technology they manage begins to benefit people in quantifiable ways. Decision makers who have quick access to accurate information, and weary employees who begin to experience mundane, time consuming tasks becoming automated become a CDO’s greatest advocators.

Data Protection – Multi-Function Printer a Security Threat?

Have you considered your printer a security threat, a potential bridge of information in and out of your organization? As IT trends towards access “outside the firewall” we need to closely consider all components that store and process information, even the seemingly mundane Multi-Function Printer.

Today’s MFP’s have hard drives that store information, memory, and processors. Many include features to enable remote users to communicate to and from the public internet via remote PC’s and mobile devices. Features like scan to email, and print from phone are great for productivity, but what vulnerabilities are exposed for malicious purposes?

It is very possible that every print job is stored in a persistent history log. Could any employee with physical access to the printer simply walk up and select re-print of the most recent payroll? What information would be gained by removing the hard drive?

Unfortunately, plugging in your new printer and “getting it to work” is only the first step. Most MFP’s offer surprisingly advanced data protection features that are overlooked, especially in small businesses where resources are limited and productivity gains overshadow security risks. Administration passwords should always be set and documented. Many MFP’s offer drive encryption, ability to secure the user, and even to secure the output tray. “Sanitization” can overwrite historical information and clear active cache’s on a regular basis. While scan to email may seem a simple and green method to send paper outside your office, other document management tools offer much more robust audit trail and accountability of the delivery and receipt of such information.

Most people know that they need to invest in physical security, network security, firewalls and data backup. Many businesses overlook the inherent risks from physical or remote access to productivity features of their most fundamentally basic technology equipment.

Contact KDS Systems today by phone at (320) 281-7033 or by email at virtualcdo@kdssys.com to learn how quickly and cost effectively your business can review, plan, and implement secure network infrastructure to protect your valuable business assets.

Managed Risk: For those who fear the cloud

Trusting Cloud Providers:  Trust your mother (but cut the cards)

Risk is a part of life, of business, and fundamental survival. Crossing the road, getting in a vehicle, and picking up the phone all require you to assess the rational, potential outcome, and likelihood for success behind the activity. And yet we carry on, learn, and strive to improve tomorrow. As business technology evolves, the principles underlying the foundation and operational aspects of data storage and the functionality of our tools is continually critiqued. Change is constant, truths of yesterday no longer apply, and risks we have not yet considered will undoubtedly be encountered. So what path do we choose to follow when considering overall approach to our business technology?

Security

Data breaches, extensive downtime, and lack of compliance mechanisms are issues that IT Pros fear. How can an outsourced cloud provider be trusted? These concerns must be addressed before they consider moving business critical systems to the cloud. Rather than hitting that head on, let’s circle our current state.

Internet Dependence

“If my Internet connection goes down, I can’t access my systems.” This is the common retort to avoiding cloud adoption. Let’s think through that scenario. Is that in any way the cloud provider’s issue? No. What is impacted if your office loses connection in a cloud based model? Your office. What is impacted if your office loses connection in an on-premise model? Everything. Customers, Vendors, Remote & Field staff (and your office still can’t access the Internet). The likelihood that your business will have a redundant Internet connection in the next 3 years is very high. Dependency on Internet for communication and transactional interaction will demand high-availability to internet resources in nearly every business regardless of level of cloud adoption.

Single Point of Failure

Redundantly redundant. Cloud providers stake their business on providing service in a highly competitive market. They are in the business of providing reliable systems to a broad customer base. The days of a hosting provider delivering services from a server in the lunchroom are long gone. Today’s providers deliver services from equipment, facilities, and connections far beyond what Widget Manufacturer A or Service Provider B can ever justify. Every aspect is controlled and monitored, from connection quality, power conditioning, cooling, physical access, and on and on. Consider the server you have nicely racked and locked in the back room closet. Raid5, redundant power supplies and all. Realistically considering the potential failures that could render it useless is staggering. Power outage, Fire, Water, Backplane, Internet Outage, Corrupted Raid Config, Ransomware, Smash-n-Crash burglar, IT Admins spilled Coke. Unfortunately enough time in this industry and you see many things, truth often stranger than fiction but nonetheless very real.

Staying Current

You invest, buy the biggest and the best, and… tomorrow it is obsolete. Just as scaling user counts is inherent, the burden of allocating resources is entirely upon the cloud provider. Managing the infrastructure and platform for your systems is no longer an issue. Never will the business controller be asking themselves “Why is it my problem that Microsoft is ending support for server version XX and the new server version YY isn’t compatible with my legacy software AA?” While infrastructure responsibility is eliminated, interoperability of systems will become the focus of technology development. Choosing systems that complement one another and provide solid interaction with other systems will become an opportunity for differentiation of businesses and professionals.

Full circle to Security

The simple fact is that businesses hesitating to embrace cloud technologies are very likely not accurately assessing risk to their current technology approach. The pitfalls and potential for failure for on-premise IT are many and great. In 1980 it was uncommon to wear a seatbelt, yet many survived and thrived. Today it is accepted that seatbelts are safe, pose less risk and provide greater likelihood of success to arriving safely when advancing from point A to point B. The real issue at hand is selection. Choosing providers who are reputable, with strong products. Acquisition of tech companies will continue to prevail, how does that impact the future of data and systems we rely on? Assessing and managing risk continues to be the differentiator for those who succeed, but the first step is moving onto the appropriate playing field.

Melding data between cloud delivered systems.

Melding data between cloud delivered systems.


7 Risks of Dropbox to Your Corporate Data

This insight is brought to you by KDS Systems and Anchor Cloud File Sync

Introduction

We live in a world where information equals power. With the influx of online file-sharing solutions, distributing information has become easier than ever. As a result, it’s now easier for information to fall into the wrong hands intentionally or unintentionally.
-Enterprise file sync-and-share, Terri McClure, Kristine Kao, TechTarget
Bring-your-own-device (BYOD) policies and an increasingly mobile workforce are putting new pressures on IT and changing the requirements for how workers want (and need) to access corporate data.
With over 200 million users, Dropbox has become the predominant leader for mobile file access. Unfortunately, what works for family pictures does not work with corporate files. In most cases, Dropbox quick to install, easy-to-use, consumer services present unacceptable security, legal and business risk in a business environment.
Here are 7 Risks of Dropbox to Your Corporate Data.

01 – Data theft

Most of the problems with Dropbox emanate from a lack of oversight. Business owners are not privy to when an instance of Dropbox is installed, and are unable to control which employee devices can or cannot sync with a corporate PC. Use of Dropbox can open the door to company data being synced (without approval) across personal devices. These personal devices, which accompany employees on public transit, at coffee shops, and with friends, exponentially increase the chance of data being stolen or shared with the wrong parties.

02 – Data loss

Lacking visibility over the movement of files or file versions across end-points, Dropbox can improperly backup (or not backup at all) files that were modified on an employee’s device. If an end-point is compromised or lost, this lack of visibility can result in the inability to restore the most current version of a file or any version for that matter.

03 – Corrupted data

In a study by CERN, the European Organization of Nuclear Research, silent data corruption was observed in 1 out of every 1500 files. While many businesses trust their cloud solution providers to make sure that stored data maintains its integrity year after year, most consumer file sync services, including Dropbox, do not implement data integrity assurance systems to ensure that any bit-rot or corrupted data is replaced with a redundant copy of the original.

04 – Law suits

Dropbox gives carte blanche power to employees over the ability to permanently delete and share files. This can result in the permanent loss of critical business documents as well as the sharing of confidential information that can break privacy agreements in place with clients and third-parties.

Many compliance policies require that files be held for a specific duration and only be accessed by certain people; in these cases, it is imperative to employ strict control over how long files are kept and who can access them. Since Dropbox has loose (or non-existent) file retention and file access controls, businesses that use Dropbox are risking a compliance violation.

05 – Compliance violations

Many compliance policies require that files be held for a specific duration and only be accessed by certain people; in these cases, it is imperative to employ strict control over how long files are kept and who can access them. Since Dropbox has loose (or non-existent) file retention and file access controls, businesses that use Dropbox are risking a compliance violation.

06 – Loss of accountability

Without detailed reports and alerts over system-level activity, Dropbox can result in a loss of accountability over changes to user accounts, organizations, passwords, and other entities. If a malicious admin gains access to the system, hundreds of hours of configuration time can be undone if no alerting system is in place to notify other admins of these changes.

07 – Loss of file access

Dropbox does not track which users and machines touched a file and at which times. This can be a big problems if you’re trying to determine the events leading up to a file’s creation, modification, or deletion.

If you would like to LEARN MORE about file storage and mobile device syncing in a secure, compliant, and safe manner CONTACT KDS SYSTEMS for insight and pricing.