Top Five Ways to Protect Your Organization from Data Loss & Cyber Hackers
Wednesday November 29
Jim Kandrac, UCG Founder and President
Matt Paterini, UCG Regional Director
Agenda
• Introductions – UCG Technologies
• UCG Technologies Overview
• IBM Power8 – S814, S824 and IBM SAN
• Top Five Ways To Protect Your Organization
1. Cloud, Hybrid Cloud and Private Cloud Backup + Disaster Recovery Best Practices
2. Enterprise Security Training – Cyber Security
• Summary – Q/A and Helpful Resources
Who is UCG?
• United Computer Group, Inc. founded in 1987
• 2016 re-branded to UCG Technologies
• Clients in 31 states & Canada
• www.ucgtechnologies.ca
UCG Technologies Inc.
Offices – Toronto Airport Corporate Centre, 2425 Matheson Blvd. East, 8th Floor, Mississauga, ON L4W 5K4
Data centre – 2920 Matheson Blvd. East, Suite #200, Mississauga, ON L4W 5J4
UCG Milestones
IBM Power System S814 Server
• Open technology for midsized business solutions
• 10,000 CPW per core
• 4, 6, or 8 core available
• Recommended midmarket configuration
– 4 core – P05 – max memory - 64GB, Fibre and V3700 SAN
IBM Hardware & Software Maintenance
Standard
• IBM POWER8 – 3 years Monday through Friday 8:00 am until 5:00 pm
• IBM Software Maintenance – 3 years Monday through Friday 8:00 am until 5:00 pm
Recommended
• Upgrade hardware maintenance to 7/24/365 – nominal charge
• Upgrade 1 year SWMA to 3 year pre-paid; 8:00 am to 5:00 pm or 7/24
Top Five Ways to Protect Your Organization from Data Loss
Top five ways to protect your organization and recover from a data loss or security breach
1. Properly encrypted data protection in two remote data centers
2. Develop and test an incident response plan
3. Disaster recovery test to gauge RTO and RPO
4. Phishing tests to determine your phish-prone percentage
5. Ongoing education and training for staff to reduce or eliminate cyber attacks
Backup & Disaster Recovery
Cyber Security Training
Talking SMAC and cyber security (social, mobile, analytics, cloud)
• The U.S. Director of National Intelligence ranks cybercrime as the No. 1 national security threat, ahead of terrorism, espionage, and weapons of mass destruction
• Predictions in 2018 indicate that at least two-thirds of enterprises will discover a breach of sensitive data
• At some point, your organization WILL suffer a cyber-security breach…in fact, you may even have a breach at this moment
• Most breaches are not even discovered by the breached party
• Inadequate incident response leads to financial, operational, and reputational losses
Data backup and DR needs are increasing rapidly
• More stringent governmental and industry-specific regulations
– Human Resources
– Healthcare
– Finance
– Legal
• Shorter backup windows
• Complex, multi-platform environments
• Reduced IT staff
Consider these five critical questions in the event of a security breach, data loss or disaster
1. Which data, applications, and servers will impact your business functions and in what timeframe?
2. What are the technologies hosting this information today and in the foreseeable future?
3. How quickly do you need to get the data back and systems running again?
4. Which personnel would be involved in the recovery process including client and/or patient notification?
5. Where would your recovery happen should you lose access to critical servers or your complete site?
Backup Options
• RTO and RPO discussion
• IBM i Cloud Backup
– Cloud, Hybrid Cloud & Private Cloud
– DRaaS
– High Availability + Cloud (archival)
• Information gathering, analysis, and assessment
• Backup and DR for ALL platforms and databases
• Data location considerations – U.S. Patriot Act
Disaster Recovery Options
1. 48 Hour DR Quick Ship Program (i)
2. <24 hours: warm shared system
3. <12 hours: hot dedicated and pre-loaded system
4. <1 hour: High Availability
Meet your Recovery Time Objectives (RTO)
Select a vendor that provides secure online backup and DR solutions
• Complete backup and disaster recovery solutions including enterprise security training
• Supports all major platforms and databases
• Multiple secure data centers
• Remote hardware disaster recovery solutions
• IBM Power Systems (iSeries specialists)
• Passionate support, disaster readiness and technology that scales with your business
• When vendors come knocking at your door, be prepared to put them through the paces of explaining how their technology protects you
• Then ask them what they do about the human side
If you get a blank stare, then proceed with caution. You may be getting only half a solution.
Make sure you get the FULL solution
Cyber Security Training
How do you manage the issues of malware, ransomware, & social engineering?
Who’s the “Dave” in your company?
Security awareness training and on-going phishing
On-going phishing
• Highly effective - keeps security front of mind
• Helps meet compliance regulations
• Immediately see which employees “get it” and who needs assistance
Security awareness training and on-going phishing
Key Security Training Features
• High quality, computer based, interactive training
• Follow up tests
• Comprehensive reporting
Employees need to understand
• Spam
• Phishing/spear-phishing
• Malware
• Social engineering and more
Training period 12 month average: 1.3%
Initial baseline phish-prone percent average: 15.9%
12 Month Period:
• 372 accounts
• 3600 phish tests
• 291,000 seats
Security Awareness Training WORKS!
Top five ways to protect your organization and recover from a data loss or security breach
1. Properly encrypted data protection in two remote data centers
2. Develop and test an incident response plan
3. Disaster recovery test to gauge RTO and RPO
4. Phishing tests to determine your phish-prone percentage
5. Ongoing education and training for staff to reduce or eliminate cyber attacks
Questions?