How to Protect Customer Information from Cyber-Crime

Air Date: 06/23/2020

How to Protect Customer Information from Cyber-Crime


How to Protect Customer Information from Cyber-Crime


Dan: And good morning. It is 8:30 and on the phone with me, I have Bit-Wizards Tip of the Wand, both of the guys, the big brains, I have Vince and Sam. How are you guys doing today?

Vince: Good morning, Dan. How are you?

Dan: Well, we're all hanging in here, vacant. I wish you guys were able to come in here. I think pretty soon, we'll probably able to scoot you guys in. At least I am hoping we are. I know that you're over there safely distancing from each other at Bit-Wizards. And by the way, how are things going as far as being able to get out in the public now things are kind of opening up? Is that helping you guys out much?

Vince: I don't think we've really had to do much of anything all the way through. We did some of the early stuff, but in general, our folks go out onsite if they need to go out onsite and we operate remotely when we operate remotely, which is core part of our business. So this really hasn't impacted us too, too much. The main thing that we've been focused on is trying to make sure that our customers can operate virtually and make sure that they can sustain operations.

Sam: One thing I did is I got the two in one keyboard with a trackpad built in. I got a couple of those for our team. So if they go on site and they have to work on someone's machine, they can basically take their own keyboard, a mouse with them without having to get on somebody else's keyboard. Regardless of COVID, that's, I'm not sure I really want to be wiping my hands all over somebody else's keyboard anyway, depending on how much they wipe their nose throughout the day.

Dan: That getting kind of personal right there I guess.

Vince: I would bet 80 to 90% of what we do is done virtually. We don't even have to go over our satellite for the most part.

Sam: Yeah, more so.

Vince: We've put our customers in the cloud and we make sure that we're monitoring and keeping their computers up to date at all times. So typically we've driven the customers, getting them to go virtual before they knew they really needed to be virtual. So we wanted to make sure that they were prepared and if they stay, not at the bleeding edge of the spear, but up near the tip. We don't want them to be one of those businesses that are at the butt of the shaft.

Dan: Nobody wants to be at the butt of the shaft now. But you guys probably don't really have to go out person to person after you get everything set up. That's kind of what I'm hearing.

Vince: Not too often. There are some things that you still need physical hands-on for things. And we do do that, but our business model and the way that we support our customers, again, we support customers all over the country. We have customers in Lodi, California and Michigan and Ohio and Cincinnati, New York. So as well as right here on the Great Gulfcoast and Destin-Fort Walton Beach.

Dan: Have you got any customers in Hawaii yet?

Vince: We do not. Not yet.

Sam: But if we do, that will require more hands on work and I'm going to volunteer as tribute to be the person to do the physical installation of any hardware that's necessary. It'll only take four or five weeks I'm guessing.

Dan: Yeah. And probably need to do that maintenance once a month.

Sam: Yeah. I'm not sure who the company is yet or how large they are, but I'm sure it's going to take four or five weeks.

Dan: All right, guys, let's dig in.

Announcer: BiT-Wizards, Bits and Bytes.

Vince: So here we go. Bits and Bytes is where we discuss some items from the news. So I'm going to start off here and tell you, hey, look, I grew up with the motto, be prepared. It was ingrained in my brain because I'm an Eagle Scout. And when you think about small businesses and what's going on, the online publisher for small business technology, **inaudible** just talked about the fact that they were measuring the impact of COVID-19 on small and medium business. And the results show that a staggering 75% of all SMBs or Small and Medium Businesses report that COVID, has negatively impacted their business. And almost two thirds of those believe that revenues are going to drop by 30% or more. And so the key thing out of those findings were that the businesses across all industries are suffering with personal services, hospitality, and manufacturing taking a hit. And you know that personal services and hospitality are a huge part of our economy here locally. But not surprisingly the businesses who were prepared to weather the storm and we all know that being prepared for a storm like a category three, four or five hurricane is paramount to surviving post-catastrophe. So what are those businesses doing? And what separates to prepare from unprepared?

Sam: Well at the core, the biggest difference is they've created a resilient company operations by having and relying on technology to help fill the gaps. So they're anticipating the crisis. Now, I don't think anyone was anticipating COVID-19, but as Vince been says, we live in an environment where we're used to having to worry about storms coming through that could take out the power, take out access to work for a certain amount of time. So these companies that were prepared for this are the ones who were already thinking along those lines. And the core difference there was that they had relied on technology to help fill the gap between a traditional way of doing business model and a more distributed method. So they've implemented remote IT technology, which allows them to change or postpone or even canceled physical meetings in real world or meet space, as they call it in the cyber world. So they can continue having meetings and appointments and events and still keep even full operations ongoing but doing all of it virtually. I think for a lot of people, they hadn't even heard of Zoom two months ago. And now Zoom is the buzzword of the day. And they're having Zoom meetings with their family and with their school kids, teachers. But there are plenty of business out there who had already prepared for this and already known ahead of time how to move virtually.

Vince: It's even created a new syndrome out there for all you people that like to play the victim, it's called Zoom fatigue. So its at real thing now.

Dan: Well, I thought you were referring to a Mazda or something. I guess I was [ inaudible 00:06:35].

Sam: That's right. And now you get to have people comment on your collection of books in the background. When you're having a meeting like, really, I can't believe you read that. So things have changed. But for a lot of companies, this is a whole new brand new way of doing business for them and it's scrambling catch up. But there are still plenty of organizations out there that already thinking this way and having the technology in place to be able to have basically backups to processes, not backups to your data, but backups to your processes. If we're unable to meet in person, how will we continue to meet? Well, we have Office 365 teams. So another thing is they've had alternate avenues and revenue streams. So prepared businesses are always expanding sales channels to include e-commerce virtual as well as physical options to help them increase sales and very revenue streams. And this just goes back to the old adage about not putting all your eggs in one basket and how diversification is key. And so that is looking at your subject matter expertise that you do as a business and saying, " Okay, we provide this one service very well, but what are some ways we can do some different methods to still maintain our revenue stream even if circumstances change and we're unable to have in person meetings."

Vince: And some of the smart businesses have done things, used to say, well, that doesn't apply to my pontoon rental or my vacation getaway that you might have here in the Gulfcoast. But some of the more innovative people I've seen have taken their online presences and they've done things like ask people to go ahead and buy gift certificates or buy adventurous in the future or... So post-crisis and you got to pay that piper later on, but here's the deal, you're catching that revenue early and you're getting it now and you're getting to use it. And it may carry you and cover you during the time when things are down. So having those different revenue streams is absolutely critical. If it's one thing that hurts us on the Gulfcoast, it's embracing a mindset of the status quo. We hear it from a lot of business owners that if it ain't broke, don't fix it. But prepared companies, they embrace pivoting within their company. They create cultures of continuous transformation, innovation and improvement as part of their business model. And if you want to survive and thrive then the message here is be prepared. And so with Bit-Wizards, we are your strategic enabler. We stay on top of all those IT trends so you don't have to. And our managed IT services is a perfect way to go because we provide you within that service, a virtual CIO service and it helps you establish and embrace that pivoting. And it helps you create that culture of continuous transformation, innovation and improvement as part of your business model using that technology as a strategic enabler.

Dan: Got you. And it makes good sense because when you have managed IT service like you guys provide, then the businesses can continue to move forward. In business I've always heard that if you're not moving forward, you're falling behind. And so that makes good sense that you guys keep everybody up to date. And I know that you know business so you can help them use their IT services to expand their businesses. What I like, what you're talking about earlier, Vince is being able to capitalize on that capital, if you will, ahead of time by the innovation that some people are using online. That's that seems like a very smart business move.

Sam: And this isn't technology related, but it seems that it's become quite evident during even the crisis we're going through now that they're the people who have that victim mentality that Vince is talking about and saying, " Oh, **inaudible** was me? Everything is shut down and how can we survive?". And I'm not downplaying it all the effects of this is definitely having on businesses. Even just the statistics we talked about this morning that the revenue decreases. But there's also people that we see, a lot of our clients, who are seeing this as an opportunity to innovate because a lack of resource, **inaudible** always said that, a lack of resources plus a vision or a goal always brings about innovation. You want to succeed, you want to do something, but you don't have the resources to do it. Well, these seem to be some limitations that we have that are thrust upon us, whether we like them or not. And so the opportunity here is either to wallow in self misery and say, " Well, I guess there goes my business." And again, some very valid reasons why business is being effected, but then there's also the opportunity to say so in this instance, how can I innovate? And innovation and technology do go hand in hand, which is why it's something we talk about a lot. Of ways that we can help optimize the way you do business to get what you know that other people don't know that makes your business successful and find new ways to make that available to your customer base.

Vince: It's a growth mindset versus a fixed mindset or a glass is half full versus half empty. Everybody lauds, whenever we have a hurricane, it always amazes me here on the Gulfcoast because the people here are really awesome. And when we have a hurricane, we have a catastrophe. Everybody pulls together. Yeah, you've got a few over in the corner that sit there and lick their wounds and complain and don't do anything about it. But as a whole, as a community, we come together, we make things happen, we mutually support each other and we get through it. And that can go just a little bit further if each individual is a little bit more prepared, has their resources stack, has their businesses squared away, has all the things in place. And then we can all come together as a community and mutually support each other after the storm. And that's...

Dan: I certainly agree with that because being prepared, like you were talking about earlier, that's the key. I mean, oftentimes people are just barely creeping up to what the requirements are but when you're well prepared for any circumstances that you can maybe foresee in the future and nobody saw the Coronavirus coming, but be prepared to kind of weather the storm, if you will. I can see exactly what you're saying, because you're doing the most that you can possibly do to prepare for anything.

Vince: Absolutely. And not be afraid of change. You've got to embrace change. That's part of that growth mindset. If you embrace change and you imbue that transformation mindset, that constant iteration and expanding and improving on your business, you're going to do much better. You're going to survive really tough times when they come around.

Dan: Absolutely. Okay guys, let's change subjects here.

Announcer: Bit-Wizards, what's up our sleeve?

Sam: So what's up our sleeve today? We want to talk about protecting customer data. Now we've talked quite a lot in the past about protecting your data and all the different things that we do in place to make sure that you protect your privates. You may have seen some of our billboards referencing about protecting your privates. But one of the bigger things isn't necessarily the information you have about your business but some of the information you have about your clients. And that's because small businesses certainly aren't immune to cyber crime and the cyber threat landscape has evolved. And **inaudible** don't stem from only rogue hackers, hoping to get access to corporate secrets from large businesses. Instead, small businesses now are just as likely to be the victim of cyber attacks as large corporations. And with organized crime groups targeting points of weakness in the hopes of making quick money. We always try to bring these around to analogies and it's very easy to think, I'm not the MGM in Las Vegas, so I'm not going to get hit with some jewel thief heist that you're going to see in the movies. But the truth is most people aren't getting hit like that. Most people are getting their pockets picked while they're walking around the city with their family enjoying their vacation. And so it's the same with small businesses. The bad actors that are out there, the crooks are typically attacking small medium sized businesses because they're an easier target. And they're able to make up in quantity by hitting so many small businesses to be able to compare to trying to hit the big people. So which industries are at most risk for cyber attacks? Well, the highest one is just general businesses. The average small medium sized business is the biggest target for attacks. The Identity Theft Resource Center found there were over 1500 track data breaches in the US in 2017, with 870 of those breaches impacting enterprises. If that number seems low, remember that's only covering the reported and tracks data breaches and not the many, many attacks that go unnoticed or are kept quiet because the company that got attacked doesn't want to publicly announce all of the information that they've been compromised on.

Vince: And that's an interesting point because a lot of people think, oh, well, if I get hacked, I'm going to be able to call up Sheriff Ashley and get one of his deputies to come down and help me track this down. They simply don't have the resources to do that neither does the FBI or any of the other major law enforcement. The FBI is looking at places like target data breaches and the Department of Defense data breaches. And I can tell you, I've got a couple of friends of mine that do not use Bit-Wizards and they have been hacked or they've been a victim of cyber crime from an employee. And then it's ended up in lawsuits. And basically judges are just taking a demit on this with this **inaudible** they're saying, " If you don't protect yourself, we're not going to award you damages or we're not going to go the extra step for you with the court system." And the deal is if it goes to court, nobody wins.

Sam: That's right.

Vince: A couple of the other industries to take a look at are healthcare. About 24% of all data breaches happened in the healthcare industry. And 83% of all physicians pulled by the American Medical Association said that they've faced a cyber attack. Obviously banking and finance, those institutions are heavily targeted by cyber criminals and near and dear right here on the Gulfcoast is retail. The rise of e-commerce is leading to a rapid increase in attacks on targeting merchants both online and also through the people's point of sale systems. Because point of sale systems are now connected to online, software as a service applications and things like that. And retail businesses have to take the steps to make sure that they're protected with their IT and the systems that they use.

Sam: And it's shocking how little information these hackers need to be able to engineer their way. They call it social engineering, but to work their way into the systems they want to get into. So if you're a business, I'm guessing you have clients. And if you have clients, then you are somewhere storing some information about those clients. And so we can ask ourselves, what are the data hackers? What are they targeting? And beyond just knowing which industries are at risk, it's important to identify which data they're looking for. So again, they're looking for information that's stored on mobile devices. Think about all the contacts you have stored on your phone or on your company devices that has information about your clients just stored on there, whether it's documents or contracts or even just their contact information.

Vince: And mobile devices are often the least secured. We find that a lot of business owners will lock down their internal networks and then forget about all the peripheral devices that connect to them. And so these are soft places for hackers to go and get in. But what kind of methods do the hackers use Sam? I mean...

Sam: Well, there's several types of cyber attacks. Of course, malware is one of them. If they can get a virus onto any device on a network, then they pretty much got their foot in that door. And Kaspersky study mentioned, we mentioned a little earlier, says, 24% of businesses have been hit by malware. Malware's just ransomware, viruses, spam, adware, all of those different kinds of ways they attack are all grouped together as malware. And it's the malicious software that accesses the system and then sits around in the background sending data about you to the people who attacked you. So a good example, that would be an application we call a Keylogger. It just sort of sits in the background and it remembers every single thing you type. And that's pretty common for malware infecting a system because they can use that. If you've typed in your password, then they've gotten those keystrokes. Now they know your passwords.

Vince: Yeah. But if you're Dan, you got to worry about, he's probably got DJ Xtrordinair and that's an easy password.

Sam: That's his easy one.

Dan: Or let me in I'm the best DJ. That probably works.

Sam: It's password, but I put a four instead of the A. They'll never see it coming.

Vince: Or an @ symbol.

Sam: An @ symbol, they'll never see that coming.

Dan: I think you guys really do have Bit-Wizards **inaudible** for your passwords. Bit-Wizards one, Bit-Wizards two. Top Bit-Wizard. I get you. Okay. Hey, I guess I'm just going to ask you a question about that. Do you think that they target the small businesses because oftentimes small businesses may not have Bit-Wizards as somebody that's taking care of their IT service?

Vince: Well, I don't know if it's because they don't have Bit-Wizards because I think that when somebody does have a company like ours doing it, they're also a target there too. But we go, at Bit-Wizards, the extra mile. So we are a certified SSA-18, SSC-1. We're in the process of getting an SSC-2. And what does that mean? It means we've got policies, procedures and things in place to make sure that we have continuity of business, that we're doing all of the right things that are necessary to protect customer data. We go above and beyond with what we do because not only we have our own data, but we've got all of our customer's data. We know some of their passwords and access into their systems. So that makes us a little bit of a target as well. Because if a hacker can get in and get us they can big claim to fame. Plus we have insurance and a lot of other things to make sure that we're covered. We're not fly by night here.

Sam: But then as Brett and Louis were talking about this on the show last week, we take some steps that we go a little bit further than anything that would be out of the box. So with Office 365, we do a whole series of steps that hardens an Office 365 environment more than what you would get just standard. I've traveled the world a lot when I was younger. And I learned very early on that someone who's dedicated and wants to steal your stuff is going to find a way to steal. However, one of the things you can do is not try to be a hundred percent protected it's to be more protected than everybody else on the block. And so if I was backpacking across Southeast Asia and my backpack happened to have those little padlocks and all of the zippers, it's not going to stop anybody from getting in there, but if there's a bunch of backpacks altogether and one of them is covered in locks and the other four aren't, the thief is going to just rifle through those other bags and ignore my one completely. And so that same method of security there, maybe not just because it's Bit-Wizards managing someone's network that helps deter people from attacking, just the fact that we up the level of security on it. And there are so many easier pickings out there of people who do not have managed IT taking care of their security for them.

Dan: I got you. Well, what I was really referring to on that guys is the fact that sometimes small businesses, they neglect, I think, a lot of what we're talking about today as far as what you provide with Bit-Wizards your managed IT service, they neglect that. Because we've had conversations about that before and the small businesses were like, they're not going to target me, they're going to target the big guys. So what do we have to worry about? Do you think that's a little bit of mentality out there that the hackers know is going on?

Sam: Yeah, I would say so. I think the, again, that assumption is I hear it so much from local businesses, I've got nothing they would want, what could they possibly **inaudible** from me. I'm just a little insurance company. I'm just a little realtor working out of my home office. I'm just a small something, the arborist service in the area. What could the packers possibly have one that I have? And the truth is it's not that they want what you have, it's that you want what you have. And all they have to do is stop you from getting to your stuff. And that's easier than trying to hack into a large government facility or a big, big bank.

Vince: It's amazing how people's perspective changes once they get hacked or something happens. I mean, they are literally in a panic at that particular point. And in some cases, by the time they're hit, it's just too late, Dan. Sometimes there's just, in some cases after the fact, there's not a lot that we can do. There's no way that we're going to be able to break the encryption that somebody may have if they've been ransomwared. Our only thing is to pray to God that they've got a backup of some kind, if not, what we're going to end up doing is wiping their machine and starting over. And in some cases, that means that people have lost their QuickBooks files, they've lost bank account information, passwords, all kinds of things that they have stored that is really going to cause a lot of business disruption. And I don't remember the exact statistic, but I know it was pretty high. I want to say it was 60% of the businesses that has some sort of data breach, typically small businesses, go out of business within one year.

Sam: Wow.

Dan: That's bad. Well guys, let's get back to our last segment here.

Announcer: Bit-Wizards. From the spell book.

Sam: So this is where we demystify some technical geek speak. And I think we've got a good one today because it's something you're going to be seeing in the news a lot this week. And that is the CPU. So the central processing unit of your device and the differences between the different kinds. And the two big ones are ARM processors and Intel processors. ARM processors, family of CPUs, they run what's called the RISC Architecture, that's a Reduced Instruction Set Computer. So it has a smaller set of commands that the CPU manages. They make 32-bit, 64-bit multi-core processors like everything else, but they are specifically designed for low power devices. So your cell phone, your tablet, whether it's Android or Apple or whoever it is, is running an ARM processor inside of there. But that's why you're able to get all day battery life out of your phone and not out of your laptop. Now, laptops and desktops typically have Intel processes inside. Those would call it x86 style processors. They've been around since what? The 80s, I guess, late 70s. The 8086 line first came out. Yeah, the 8088s and the 486s and the 386s.

Dan: I had one of those.

Sam: Oh, okay. And so what we're using today is really just the great, great, great grandchild of that 386 computers that you had in the 80s or in the early 90s on the-

Dan: No you're talking about one in my office.

Sam: Yeah. The one you're using now, actually. That 486 that you're using to run the show.

Dan: It's lightning fast.

Sam: So there's always been these two different types of CPUs. One that we use in desktops and even servers have a higher end of that called the Xeon series. But Apple made a big announcement yesterday and they said that in their Mac desktop computers, **inaudible** laptops or desktops, they are going to start moving towards using the same ARM chips that they have in the cell phones and in their iPads and they can start putting these into Macs now as well. So that was a really big deal yesterday. We've yet to see what the ramifications of that are going to be. But it should mean longer battery life. The question is, does it mean underpowered?

Dan: Interesting. Well guys, let's wrap it up with, you guys usually have a client you'd like to talk about.

Vince: Yeah. We're going to give a big Bit-Wizards thank you and shout out to our customer Lisa Jo Spencer, attorney at law and her team. And so I know Lisa Jo, she's a life director at the Fort Walton Beach Chamber and she is a prominent attorney and veteran and she specializes in probate, guardianship and estate planning. And she served as part of the JAG within the air force. And she's an average contributed to our community. As I mentioned, she's a life director at the Fort Walton Beach Chamber of Commerce. And she is a customer of Bit-Wizards Managed IT Services and we want to thank them for allowing us to serve them. And we certainly enjoy working with her and her paralegals and staff. They are phenomenal.

Sam: And we love working with Lisa Joe. One of the reasons she came to us is because they were outsourcing some of their IT and it was taking them weeks to get a response when they had an IT problem because the guy just had too many other things on his plate. And they've moved over to us with, we manage their it for **inaudible** now. And they talk about it a lot. They couldn't be happier with the response time and the level of service the way we provide. So they just don't have to worry about their IT at all anymore.

Dan: Of course. I would imagine you guys take good care of Lisa Jo and her staff over there because you guys take care of all of your clients. Bit-Wizards Tip of the Wand, Vince and Sam, we always appreciate you guys coming on and look forward to next week and hopefully you guys will stay safe.