In 1980 we experienced the first documented ransomware attack (AIDS conference, free floppy disk).
In 2000, a young disgruntled employee released the first successful phishing attack using the subject line “I love you” just in time for Valentine’s Day. Millions of systems were impacted and this person was reportedly caught by the CIA.
Hackers could never (still holds true to today) easily penetrate the harden devices protecting networks, but these events demonstrated it was still possible to access networks by circumventing “traditional” defenses.
In 2010, the first transaction using bit coin was reported to occur in Jacksonville, Florida. While everyone was excited to see electronic payments taking place on the Internet, bad actors were also paying attention. Today the raise of cyber-attacks is mostly attributed to the fact that bad actors have the ability to collect the spoils of their efforts without being traced.
It is no surprise that today, networks, servers and end user devices must be defended as they represent access points from which your business can be compromised. Technology that makes it easy to steal, implies that we must leverage better technology to defend you. It is not expensive but it can be overwhelming to the untrained. Our team is here to take the “scare” out of supporting your systems and more importantly, your team.
The following sections give you a preview into some of the services offered to support your Small and Medium Enterprise (SME)
Data backup is a long standing technique to defend against data loss. If sue to a system crash or corruption; or malicious or accidental data deletion. Businesses have used data backups for decades and it is no surprise that this technique continues to demonstrate its importance to organizations. The difference from yesteryear to today is that we can now do backups better.
- Data on local hard drive – Done
- Data of your servers – Done
- Data on your cloud – Done
- Data of public clouds (O365/Google work space) – Done
- Data on your tablet or phone – Done
- Executives want their data backed up but not even support is allowed to see it – Done
Your server crashes and you have a server available the same day, ready to put your team back to work. This can be very cost effective for the SME today.
You give us the challenge, we will find you a solution.
Whether you have your own IT team or you use a outsourced technician. Technicians spend a significant number of hours applying patches and updates to systems throughout your organization. Understanding when patches are critical to apply was dependent on receiving/coming across notices from vendors.
The introduction of standards and central databases where vendors report patches and updates to their devices is delivering a way to automate this important task. Vulnerability scanners are tools that leverage these centralized databases and reports to your team what needs to be patched.
Using this tool, your IT team can quickly identify patches that must be applied.
Using this tool, your IT team can prove to Management that your network is secured to the best of your ability.
It pays for itself in the time your team will save manually tracking device states. It pays for itself as for the first time, management has a reliable way to audit the state of your network infrastructure and be confident the work is being done.
Patching your operating systems can be automated and Apple and Microsoft offers tools to ensure this occurs. What about patching software applications? This is a bit trickier. In any case, software tools are also available to assist your team with patching services.
Maybe you just need to be confident that your systems are patched. Automating patching can be the solution you are looking for.
ISO9000 became a basic requirement for manufacturers wishing to export but was quickly recognized as a quality standard at the local markets as well. Standards continue to demonstrate their importance to the consumer.
We believe that Cybersecurity is positioned to follow the path of ISO9000 as exporters are now being told by foreign clients that they need to know their data is protected (data privacy has become important throughout the world). Our focus has been on standards impacting Canadian clients.
ISO27001 is the international standard for information security
Zero Trust security model – ITSAP.10.008 Zero Trust itself is a security framework for protecting infrastructure and data. The Government of Canada (GC) is working on developing a ZT Security Framework that is based on the CISA and NIST models. (2023..just in case we don’t get back here to update this comment)
CAN/CIOSC 104 The Canadian Baseline Cyber Security Controls for Small and Medium Organizations. The Canadian Standards Council (SCC) in recognizing that to an SME the cost for cyber readiness could be prohibitive, they have developed a compromise where the SME can gain 80% of the protection recommend by the standards for 20% of the cost.
There are others you may wish to comply with as exporters face external pressures to prove client data is secure.
DPD Software works for the SME and offers service to perform Cyber Security Gap Analyses. We also offer solutions that assist you in implementing and managing your cyber security response plans, audit your cyber readiness state and assist you when and if you decide to move forward with certification.
Get certified on your first attempt, let DPD Software guide you in preparing your SME for certification.
WAN and LAN networking design
Whether you are designing a local area network and a simple wireless network for staff to use for their phones, to a complex campus with buildings to connect together or a simple WiFi network. Maybe your network needs to support IIoT devices and your MQTT server. Maybe you have other specialized devices for your organization. DPD Software can help you design, deploy and support your network.
Business Resilience Planning.
In the old days we spoke of Disaster Recovery, how you get your business up and operational when your organization encounters a significant interruption. Technology has become more cost effective and today the SME can afford technology to notch this readiness up. Today we no longer talk in terms of disaster recovery but business resilience, the ability of your SME to encounter a significant interruption and live through it or quickly get back to operational status.
That’s the new bench-mark! Are you ready for tomorrow?
Shadow IT is the use of technology be it a device, software application or IT service without explicit IT department approval.
It is difficult to stop the adoption of unapproved IT as employees never think of it that way. To them, they are helping with this neat little tool they found. Company policies can be used to strongly discourage Shadow IT but there are software tools to help your IT team keep control of what’s introduced into your network.
Give us a call, one of our consultants will be happy to help you determine what is best for your organization.