Your IT, Before and After a Cyber-Attack

What happens during a cyber-attack when you have DIY IT?

IT is relative to each situation. Have you recently experienced a cyber-attack or breach at your business, or have you been lucky so far? To simplify this complicated topic, we will use James, a local independent insurance agency owner, as an example.

James writes policies for multiple insurance companies. His agency employs ten employees at two offices. James does his own IT work, and he thinks he can handle it because he’s not a big business. James wants to do other things with the money he saves from doing his own IT, and when James has an issue he can’t solve, he calls his son’s friend to help him resolve it.

The cyber-attack begins 

One day, a client of James’ scans in a document that requires a signature. The client emails the attached signed document to James’ office. Unknown to James’ client, they have inadvertently sent over ransomware that infected their computers over two weeks ago.  

When James’ office opens the email for review, the ransomware infects their computers too. Next, an employee at James’ office forwards on the signed document to the insurance company, and the ransomware is now in their computer system also.

Business comes to a halt 

When James comes into the office the next day, he finds that he can’t open his documents because the program is now asking for a password. No one can guess the password, and now everyone is locked out of their computers.  

Frustrated, James goes to Google to figure out how to solve this problem for his business. To his surprise, a website opens instead, displaying a message that says he needs to pay $45,000 for his password to be provided to him so he can unlock his documents. James stops and calls his son’s friend to stop by after school, so that he can look at the problem. Meanwhile, James’ business is at a standstill for hours. 

But wait we have back-ups, right? 

Panicked, James grabs his external hard drive where he stores his backups and plugs it into his computer. The ransomware now infects the external hard drive. To pile on more, James receives an email from one of his insurance companies stating that his office infected them with ransomware, and they will send him a bill for the restoration service on their end. 

The professionals arrive 

James calls a local IT company, and they schedule a time to come out in a few days. Now panicked and angry, James sits with his hands tied while he waits for his son’s friend to arrive. Hours pass, prospective clients come in and leave, and then his son’s friend shows up, looks at the situation, and explains there is no hope. Now James must wait for the IT company to pull him out of this mess—hopefully. 

Fast-forward a few days. The local IT company visits to take a look at the situation. Much to James’ surprise, after three hours of troubleshooting, their solution to recover the documents is to pay the ransom. 

The true cost of DYI IT 

You have to ask yourself; do you want to pay nothing now and risk paying in a big way later? When it comes to cyber-attacks, that’s the cost of DIY IT. You may not have a monthly spend on IT services, but this also means you have insufficient backup plans, and you don’t have any formal IT support.  

With DYI IT, a cyber-attack could cost your business up to $158,675. See the potential cost break down below: 

  • $45,000 ransom payment 
  • $675 emergency IT support 
  • $15,000 bill from companies seeking reimbursement from your mistake 
  • $25,000 lost company productivity 
  • $8,000 lost new business during the downtime 
  • $65,000 required certified mail sent to inform customers that their data was stolen

What happens during a cyber-attack when you have a professional IT service?

Let’s use James as an example again, except this time, he uses a professional IT services provider. When the ransomware hits James’ exchange server that is managed by his IT provider, the exchange server opens the email, checks the documents, and checks all the links in a secure and isolated environment. The server then flags the email because there is malicious software attached to it.  

James gets an email that notifies him of the quarantined email, and he calls his IT team. They advise him not to open it and notify his client that sent him the email immediately. 

All tragedy adverted with no loss, cost, or pain for anyone 

Business continues as usual. Sometimes paying now saves a ton later. With managed IT services, you may spend $1,800 monthly, but someone is always available to help with IT issues as they arise, your software and systems are actively monitored for threats, and your business has adequate and verifiable backups. See the cost break down of how much a managed IT services provider can save your business during a cyber-attack below:   

  • $0 ransom payment 
  • $0 emergency IT support 
  • $0 bill from companies seeking reimbursement from your mistake 
  • $0 lost company productivity 
  • $0 lost new business during the downtime 
  • $0 required certified mail sent to inform customers that their data was stolen 
  • Peace of mind—priceless 

Running a business is hard work! Not having a professional IT plan these days is like playing Russian Roulette. If your business depends on email, documents, and internet connectivity to function correctly, you need a professional IT plan.  

You buy insurance for your house, car, business, and boat. The same should go for your business IT. It’s on you to take the proper steps to ensure your business data is secure. Contact Bit-Wizards today to get a network security assessment.  

Comments
 
comments powered by Disqus

Author

Jason Monroe, Associate Director, Solution Development
Jason M. Monroe

Director of Solution Consulting

Read more