Coleman Technologies Blog

All it takes is one oversight to potentially undo any benefits your cybersecurity protections and other best practices may deliver. For instance, even if you have things like multifactor authentication in place, a phishing scam or even some malware varieties could potentially give an attacker access to your email… and all the data your messages contain, just sitting in your inbox.

This is where these kinds of attacks can get really, really bad, especially if there’s sensitive data being shared via email messages. Once a hacker gets access, they can see it all.

Let’s talk about the kind of data that should never be shared in an email for this exact reason.

What Kinds of Information Should Never Just Sit in an Email?

There are various types of data that you don’t want to include in an email, for numerous reasons. First of all, they’re unprotected there, and we’ve already discussed how simple it could be for the contents of a user’s email to be illegitimately accessed. 

Plus, you only have control over your own inbox. Who knows how long an email you’ve sent will sit in someone else’s, just waiting for someone to come and steal the information it holds.

This is why it is so important that the following types of information are only shared through secure means, and that all emails you receive containing them should be deleted immediately. We can implement rules (based on your Microsoft 365 license) to your email platform that periodically scan for such information and try to delete the messages containing any. That said, you and everyone working at your place of business should still be vigilant about not sending or storing these types of data in the body of an email, or even an attachment.

State/Nationally-Issued ID Numbers

From a driver’s license, Social Security number, passport number, or any other government-issued form of identification, this kind of data could be used by a cybercriminal to open many doors and give them considerable power. 

Bank/Financial Account Numbers

Similarly, if an attacker were to gain access to an email with the numbers identifying a user’s financial accounts, they are suddenly halfway to accessing them. This kind of information could easily be used to make a phishing attack that much more convincing and therefore effective.

Credit/Debit Card Numbers

Are you sensing a pattern yet? If cybercriminals access these numbers, they can make fraudulent purchases using them… and why wouldn’t they? They aren’t the ones who will be stuck with the bill.

Protected Health Information

This is where things get particularly dicey. Access to this kind of data is a clear violation of a person’s privacy and could be used to make their life more difficult. Plus, a lot of other personally identifiable information is often contained in these records, making their theft a double whammy.

Documents Protected by Attorney-Client Privilege

Similarly, these documents often contain a massive amount of the aforementioned information and data, meaning their privacy is paramount by inclusion. There are only so many reasons that an exception is made to this kind of privilege, and no, a cybersecurity incident is not one of them.

Passwords or Authentication Credentials

This list wouldn’t be complete without the passwords or other authentication credentials that are too often shared via email. These are not things you want a cybercriminal to have access to, only partially because they can easily give them access to all of the above resources.

Make Sure You and Your Team Keep This List in Mind While Using Email

This also isn’t enough. You also need to ensure that all cybersecurity protections are actively being used, from those you implement into your technology to the behaviors the entire team turns into habits. We can help with that. Reach out to us to learn more about our business cybersecurity services. Give us a call at (604) 513-9428.

Do you ever think about how incredible technology is? In a world where it’s easy to take advantage of technology and devices that were practically inconceivable just a few short decades ago, it’s really amazing to just look at how far we’ve come, and how something so small can fit so much information.

Breaking Down What Data Actually Is

Let’s go back to before there were modern computers and smartphones. The prominent form of data storage throughout the centuries has been the book.

A typical novel has somewhere between 60,000 and 110,000 words (unless you are reading something by Brandon Sanderson—his novels tend to be three or four times that). 

How much data is that though? If you want to parse this down into smaller numbers, we can look at one of the most common forms of bite-sized information on the planet, the text message.

A text message has a maximum length of 160 characters. You can usually squeeze 1-3 sentences into that on average. Characters in the English language are 7-bits. A bit is represented by a 1 or a 0. The letter “A” is translated to 01000001, and “B” is 01000010. We’ll get back to this shortly.

A text message can contain a maximum of 160 characters, or 1120 bits (1120 ones and zeroes). There are 8 bits in a byte, which means a text message is 140 bytes.

There are 1,000,000 bytes in 1 Megabyte. Figure that the average word is around five characters, so a novel could have somewhere between 300,000 and 550,000 characters

Take 550,000 characters and multiply that by 7 (the number of bits in a character) and then divide the result by 8 (the number of bits in a byte) and you’ll get 481,250 bytes, or 0.48125 Megabytes.

That means a book on the larger side of things is technically around half a Megabyte of information. Once you add some of the hidden meta information, the cover, and some other data, a typical ebook sits around 1 Megabyte. If there are illustrations or images, then there is a lot more to calculate, so we’ll just assume that we are dealing with text for this thought experiment. 

How Much Data Does a Library Hold?

Many books are much larger than the average novel, considering that there are textbooks, encyclopedias, dictionaries, massive reference books, and a lot of other larger format texts out there. Plus, it’s easier to work with round numbers, so let’s just assume that on average, a book rounds out to about 1 Megabyte.

A typical library tends to hold somewhere between 5,000 and 500,000 books. The world’s biggest libraries tend to put their book counts in the millions. The US Library of Congress holds more than 51 million books, and 75 million manuscripts, plus millions and millions of other items.

Let’s assume those 51 million books are all text. How much data would that actually be?

51 million Megabytes is 51 thousand Gigabytes, which translates to 51 Terabytes. It’s pretty common to buy 1 or 2 Terabyte drives for a home PC, so if you were conservative about your data, you could easily fit the entire Library of Congress book library in a pretty small office with 25 or so computers. Of course, you could just put multiple 2 TB drives into your workstations and store the entire Library of Congress on fewer machines too, or build a media server with an array of high-capacity drives… you get the idea.

We’re not quite to the point where a mobile device can hold that much information, but we’re getting there.

Keep in mind, this is just assuming we are taking the text. If instead, you wanted to scan every single page as a grey-scale image, you would be looking at an average size of around 8 Megabytes per book, so it would take about 408 Terabytes to store the Library of Congress. At that point, you’d be looking at a large rack-mounted device or a very small section of a data center.

How Much Data Does Your Organization Produce?

We’re going to make this a two-part blog since there is still a lot more to talk about! Next time, we’ll break down how much data human beings have ever produced, how much data you can fit into the palm of your hand, and more! Be sure to subscribe and bookmark our blog and keep coming back for more!

Your customers expect not to be inconvenienced when doing business with your organization. Small businesses can use new technology to meet these expectations by offering online ordering, mobile apps, and e-commerce platforms. Such innovations not only improve the customer experience but also expand a business' reach. Let’s look at some of the ways new technology can improve your business.

Data-Driven Decision Making

Data is often seen as the most important part of a digital business. Small businesses can gather valuable insights through data analytics tools that can inform strategic decisions. This technology allows companies to better understand their customers, track trends, and identify areas for improvement. By making informed decisions based on data, small businesses can adapt to changing market conditions and make more effective choices for growth.

Cost Savings

While adopting new technology may initially require an investment, it often results in long-term cost savings. Automated processes reduce the need for manual labor which lead to reduced labor costs. Additionally, cloud-based technology can eliminate the need for expensive on-site hardware and maintenance. Over time, these cost savings can significantly impact a small business' bottom line.

Competitive Advantage

Staying ahead of the market is essential to positioning your business for success. Small businesses that embrace new technology gain a competitive edge by offering innovative products or services and providing a superior customer experience. This advantage not only helps attract new customers but also retains existing ones, fostering long-term growth.

Adaptation to Market Trends

Consumer preferences and market trends are constantly changing. Small businesses that resist adopting new technology risk falling behind as their competitors adapt and evolve. Embracing technology allows businesses to stay current and agile, enabling them to pivot and adjust their strategies in response to market shifts.

New technologies can present your business with opportunities that you simply don’t have access to with your current IT environment. If you would like to talk to one of our IT experts about doing an assessment of your business’ current IT setup, give us a call today at (604) 513-9428.

To begin, let’s examine the data that we currently have available, courtesy of Statista: in 2019, there were a total of 1,473 data breaches recorded. The first half of 2020 saw 540 breaches reported. Crunching the numbers, these 33 percent fewer breaches have impacted what other sources assert to be 66 percent fewer people.

At First Glance, This Appears to Be a Good Thing

However, there are more considerations to weigh before we can establish this as a positive trend. While we wish that we could simply say that yes, this is a good sign, there is unfortunately more data to consider. For instance:

The Kind of Breach It Was

There are so many more variables to take into account, starting with the type of breach that took place and how severe the breach itself was. Let’s consider a few scenarios.

On the one hand, you might have a dozen or so breaches with a few records lost in each. On the other, you have just one, but that one breach exposes thousands of records, each containing personally identifiable medical data.

Of course, the single breach is far worse—objectively speaking—than the dozen. However, this kind of scenario isn’t likely to be the case, as the data also showed that 66 percent fewer people have been impacted.

How Accurate the Records Are

Of course, we also have to take the accuracy of the data into account, simply reflecting on the delay that naturally occurs between the actual breach, when it is first discovered, and when the public is notified about the breach. Furthermore, it isn’t all that uncommon for new victims to be discovered long after the breach is first revealed. Some companies will attempt some level of damage control and play their numbers down as much as possible, or simply omit the actual number of impacted accounts in their announcements.

As a result, we may not yet be dealing with the actual number of breaches that have occurred in 2020, depending upon how forthcoming breached businesses have been.

What Impact Has Remote Work Had?

Finally, we need to acknowledge the fact that more people than ever before are working from home—outside of the protections that many remote-friendly businesses have implemented. In theory, this would typically lead to an increase in threats, but recent reports have shown threats to be decreasing. While it would be wonderful if this turned out to be the case, it is very possible that a shift in focus away from maintaining security to maintaining operations could be skewing these results. Furthermore, some businesses might not be able to sufficiently monitor their employees’ security as they are working remotely.

Regardless, You Can’t Allow Your Security to Be Shortchanged

Even if these apparently lowered cybercrime statistics are accurate, you shouldn’t take a break from your cybersecurity preparedness. Easing up will only encourage less secure security habits, leading to increased security problems later on.

Of course, you don’t need to work alone as you protect your business. Coleman Technologies can help you see to your IT needs, working to protect your resources and ensure that work can be accomplished. Find out more about what we can offer by calling (604) 513-9428 today.

Today’s business needs to be able to share files and data securely and efficiently. This process may seem straightforward, but there are a lot of options that the business owner or manager needs to understand. In today’s blog, we look at some steps that will help you create a strong and secure file-sharing system.

Do a Preliminary Assessment

Start by understanding your business' specific file-sharing requirements. It’s important to understand what type of data is typically shared and how much of it is on the move. This step can help you not only determine how your organization’s data is moved but also how your employees collaborate on it. Collaboration largely depends on these efficient data movements, so understanding the basics of how they share and receive data is a big step to building a file-sharing strategy that works for your business.

Choose a Solution That Fits Your Needs

You will want to select a file-sharing platform that aligns with your business needs. You have to determine if the data you have is able to be saved in the cloud or if you need to set up on-premises infrastructure to house the data. If the latter is what you choose, you need to look for features such as end-to-end encryption, multi-factor authentication (MFA), and secure link sharing. You will also need to ensure the solution allows you to easily manage user permissions and roles, making sure that only authorized personnel can access sensitive files.

Access Control

You’ll want to set up user profiles that allow you to assign file access based on roles within the company. You’ll want to provide employees with the minimum level of access they need to perform their tasks, but also ward against providing more access to data they don’t need. This strategy just reduces risk of data exposure and unauthorized access. Finally, you want to have a comprehensive system of logs of all access and file-sharing activities, which can be easily reviewed.

Maintaining Security

Data security is extremely important and to this end you will want to implement encryption tools to keep data at rest and in transit secured. You’ll need to have reliable password protection for shared files and links, particularly when sharing files outside the organization, and it’s also a good idea to implement technology that allows you to monitor and protect data from being shared that has no business being shared. 

Employee Training

There are several ways to train your employees so that organizational file sharing doesn’t turn problematic. One of the best ways is to provide security training. That means teaching them what you expect of their data handling, the importance of data protection methods (such as creating and storing strong passwords and other measures), and how to ensure that sensitive information is handled properly. 

Building a secure and efficient file-sharing system for a small business requires careful planning and the right combination of technology and practices. By choosing the right solution and having a reliable strategy for handling data, you can create a file-sharing environment that supports your business while ensuring that data isn’t stolen or lost. 

If you would like some help choosing and setting up a file sharing system that supports your business and your employees’ collaboration, give our IT professionals a call today at (604) 513-9428.

When it comes to valuable data, hackers will go out of their way to try and steal it, placing businesses in dangerous situations. In particular, healthcare data is attractive to hackers, and considering how lucrative the prospect of healthcare data is, companies need to take extra precautions to protect it. But what is it about healthcare data that makes it so attractive, anyway? Let’s dig into the consequences of potential attacks on healthcare data.

It Sells for a Lot on the Black Market

You’d be shocked to see the value of data on the black market, particularly personal health information and medical records, insurance details, and prescription information. Hackers know that there is a high demand for this data, so they have no problem trying to take advantage of the market.

Personal Profiles Aid in Further Attacks

If a hacker can steal a personal profile from a healthcare provider, they gain access to all kinds of information, like medical history, genetic data, lifestyle choices, and more. This information gives hackers all they need to launch customized attacks against individuals based on their profile.

Identity Theft is a Possibility

Identity theft and financial fraud can often be a direct result of healthcare attacks. Once hackers have stolen records, they can impersonate individuals or obtain other medical information and prescription medications, as well as commit insurance fraud. Victims suffer in a variety of ways, including financial loss, damaged credit, and inability to receive medical treatment.

Blackmail and Extortion Can Scare Victims Into Acting

With sensitive personal records such as healthcare data, individuals often find themselves on the receiving end of blackmail attempts or extortion. They might threaten to reveal conditions or other personal information regarding treatments. For public figures or others in sensitive professions, this can be damaging.

Medical Research and Progress Could Grind to a Halt

Medical research requires that data be accurate, and if hackers steal or alter information in healthcare records, medical research grinds to a halt. This puts any attempt at developing new treatments, understanding disease patterns, or improving public health in jeopardy. 

Hackers Take Advantage of Weaker Security Systems

Healthcare organizations often have weaker security measures in place, putting them at greater risk of being attacked. These organizations are often more focused on providing better patient care, meaning their investment priorities are elsewhere, leading to more potential for security vulnerabilities in the process.

There is So Much Data to Steal

Consider how many patients a hospital might see over the course of a year. Now consider that the hospital will retain those records for an extremely long time. This shocking amount of data makes hospitals and other healthcare providers targets that have a lot to lose as a result.

Of course, it’s not just healthcare data that’s at risk of theft, destruction, or worse—all data is vulnerable to this type of treatment if it’s not managed appropriately. Let Coleman Technologies help you address this with our managed IT services. Learn more by calling us today at (604) 513-9428.

When security breaches and data breaches are mentioned in the same breath so often, it’s easy to look at them as one and the same. However, we want to take a moment to explain the differentiating factors between the two, as it could be all the most important for protecting your business in the future.

Defining the Security Breach

A security breach can be explained as unauthorized access to company-owned accounts. This happens when people, or other machines, gain access to an account without the appropriate authorization. This could include the device, the network, a website, a server, or any other part of your IT infrastructure.

Defining the Data Breach

Compare this to the data breach, which is a specific type of security breach that involves unauthorized access to data, like computer files or documents. This also includes the alteration and destruction of data.

Why Does This Difference Matter?

Data breaches are indeed a security breach, albeit a very specific one. However, it’s important to know the differences between the two because of the semantics involved with regulations and other data protection laws out there. There are specific definitions for what constitutes a data breach. To put this into perspective, consider this scenario; when encrypted data is accessed and stolen, would it be considered a security breach or a data breach?

And now you see where the definitions come into play. We always try to encourage our readers to avoid security breaches at all costs, which is why we recommend software like firewalls and antiviruses that can proactively prevent these types of issues. Furthermore, we also recommend that you implement patch management and routine maintenance into your technology strategy to keep these systems ready to protect your business. Combine all of this with security training and complex passwords or multi-factor authentication, and you have an adequate security system in place that can keep most threats at bay.

Coleman Technologies knows and understands your plight, and we would be happy to discuss with you what you can do to better protect your business. To learn more, call us today at (604) 513-9428.