After providing Texas Panhandle businesses with IT solutions for nearly 13 years, we have seen it all but there are some mistakes that we see over and over again. When businesses come to us for a free network assessment, we can expect some of the following mistakes to occur. Luckily, we can easily remedy these mistakes and get you on the road to security and safe use of technology.
Here are the 10 most common mistakes that small businesses make when it comes to their technology:
Insufficient tech support
Sure, we may be a little biased on this one but that’s because we truly believe in the power of having a strong, experienced IT company having your back. When a piece of technology breaks down at your business, you need someone on call to fix it immediately. Every hour of downtime means lost revenue. A lot of companies try to get by using as little IT support as possible. They end up using “the guy” that someone is related to that knows how to fix computers. This is a huge mistake. You need a team of professional people with many years of experience to be fully supported.
Also, many companies take the “break-fix” approach. This means they wait until their server or workstation breaks down before they fix it. A better approach is a managed service agreement in which your chosen IT company proactively monitors your network, keeps everything up to date, and fixes problems before they cause excessive downtime.
Poor security practices
This can include failure to install a good antivirus program, failure to regularly update systems, failure to install a good firewall, etc. Companies ignore security because they don’t understand the risks or because they simply don’t take the risks seriously. We are here to tell you that you need to take it seriously. Most businesses think that they will never be the victim of a cyberattack, despite near-daily stories of hacks in the news. They believe that the cost of implementing the right security features is not worth it. However, the cost and difficulty of overcoming a cyberattack after the fact is astronomical, often shutting a business down completely
Using pirated software
Purchasing software licenses for your business can be expensive. This makes the thought of downloading free software from other sources quite tempting. Why pay $500 for Quickbooks when you can get it for free, right? Wrong. Not only can you be fined for downloading pirated software, but it can also open you up to viruses (as many software sources are fronts for malware). You can opt to download alternative (off-brand) versions of software or you can use the Software as a Service approach and pay monthly.
Insufficient employee training
The weakest link in any security strategy is usually an employee, especially a poorly trained one. Employees need to understand acceptable and unacceptable uses of technology. They need to know what sites they shouldn’t visit on the internet and whether or not they can download apps to mobile devices. They should also understand basic troubleshooting techniques if some of the technology that they use daily has an issue. If an employee can quickly fix a problem, you won’t have to call in the IT company and you will save a lot of time and money.
Unregulated Mobile device use
Mobile devices are efficient and useful but they can contain a TON of sensitive data. They are mobile, hackable (just like any piece of technology), and can easily get lost. All company mobile devices need to have antivirus installed, they need to only contain encrypted data, they should stay updated, and they should only contain acceptable, safe apps. In addition, policies and procedures should be created so employees understand what they can and can’t do with a company mobile device.
Lack of policies and procedures
There are actually very few businesses in the Texas Panhandle that have written policies and procedures in place regarding the use of technology. This document is called an Information Security Policy and it can be your lifeline when your company suffers from data theft or data loss. If you don’t yet have an Information Security Policy, you need to read this blog.
Using old hardware and software
Amazingly, we still see a lot of businesses using the Windows XP operating system (which has not been supported for over two years) and Windows Server 2003. Using old hardware and software leaves your company open to known vulnerabilities that will never be patched by the hardware or software company. This means that the likelihood that you will get malware or viruses increases tenfold. Also, old hardware is simply inefficient. It breaks down a lot. While you might think you are saving money by not upgrading, in reality you are losing money through downtime.
Poor backup strategies
Many companies that we come across don’t have a backup strategy in place. They are storing crucial data in one place. This is highly dangerous. Hard drives fail all of the time and you are not guaranteed to get your data back. At any rate, data recovery is an expensive process. You should store data in at least three places: on your computer, on an on-site external backup (like an external hard drive), and in the cloud. The cloud backup will provide for continual backup of data so in the event of data loss, you will likely save everything. We recommend Carbonite for your cloud-based backup. If you lose the data on your computer, it’s easy to recover it from Carbonite.
Incorrect disposal of old technology
First of all, throwing away old technology like computers, printers, point-of-sale systems, and cell phones is terrible for the environment. It can cause heavy metals to leak into the water supply. Right now, electronic waste makes up 70% of America’s total toxic waste. It’s important that old technology is disposed of properly. In addition to damaging our world, if you throw a laptop in the trash without wiping it correctly, your sensitive information is at risk. The good news is that we can take all of your old technology (except televisions), wipe it, and send it off to a recycling company that will either dispose of the parts correctly or reuse the parts. The best part? It’s completely free for you.
Ignoring compliance laws (HIPAA and PCI)
We understand that compliance rules are confusing and complicated. It takes an expert to understand it all. That is why we often see companies, especially healthcare organizations, who are not fully HIPAA compliant. Unfortunately, the penalties for non-compliance are steep so it’s not something you want to take a chance on. When it comes to the technology aspects of HIPAA and PCI compliance, we are experts and we can get you there.
If you find yourself guilty of any one of these mistakes, don’t fret! There are technology solutions that can remedy each of these situations and there’s someone (us!) right around the corner that can help you out. Give us a call at 806-350-8324 to get some help.