<![CDATA[Northern Colorado Project Management - Thoughts and Comments]]>Wed, 16 Aug 2017 23:39:21 -0600Weebly<![CDATA[ Business Continuity Planning]]>Wed, 12 Apr 2017 15:31:20 GMThttp://northerncoloradoconsulting.com/thoughts-and-comments/-business-continuity-planning
Paranoid or Common Sense?

I was watching the movie The Bourne Ultimatum the other night and the character played by David Strathairn made the statement “I hope for the best but plan for the worst.” While some people are going to view this as a pessimistic viewpoint, they are probably not business owners with their future and the future of their employee’s riding on their judgement. I would have to ask those same people if they have home and medical insurance. There are some risks that simply have to great an impact to not to pay that extra dollar or take that extra precaution to avoid.
Do you have a plan to manage the next business interruption? While we can’t plan for every instance, we can make some educated guesses and plan for the most likely scenarios. The plans don’t have to be grandiose, in fact the simpler the better. For example, you might simply plan on using cell phones if your office phones go down for a short period. Easy. Simple. But, does everyone have a cell phone? And is everyone willing to use their personal phones for business? And probably most important, do you have access to the numbers people need to dial? This is why we need to put together some kind of a plan.
Everyone seems to think of natural disasters when we talk about business continuity, but is that where the real risk is?

I was somewhat surprised when I read this chart. Coming from a background of networking and communications, I thought that Network Outage would have been one of the primary causes. But I’m not surprised that Power Outage is the highest. If you think about the vulnerability of our power system, it shouldn’t surprise you either. We lose power when the weather is too hot, too cold, too wet or too dry. We lose power due to traffic accidents, equipment malfunction and of course, human error. But the most common cause of power outages is animals. 
​Yes, squirrels may be the cause of your business failing. The good news is Colorado is not in the top ten states for power outage. We had 65 major power outages across the state in 2013, averaging a duration of 144 minutes. 
The second highest cause for interruptions to your business is storms. Living in Colorado, this shouldn’t surprise you. Looking at one study, the probability that the front range will experience a blizzard is between 25 and 50 percent. What’s your plan and policy in case of a blizzard? How many days can you afford to be down?
A few years ago, I wouldn’t have believed that businesses along the Front Range would need to worry about the third major cause of business outages, floods. However, the September 2013 floods changed my perception. Nationally, there is a 10% chance that you will experience a flood. Along the Front Rang, Boulder has the highest risk.
Colorado flood season starts in May. Be prepared, know your risks, have a plan.
Who Can Help You Build a Plan to Recover from Business Interruptions?
​Northern Colorado Project Management can analyze your business and determine where your greatest risks are. We can then provide you with mitigation alternatives and help you implement the strategies you choose. We will document and train your staff on how and when to engage your Business Continuity Strategy.
]]>
<![CDATA[RansomWARE!]]>Thu, 25 Feb 2016 19:18:46 GMThttp://northerncoloradoconsulting.com/thoughts-and-comments/ransomware​A February 18, 2016 article in the New York Times stated that Hollywood Hospital in Los Angles paid hackers $17,000 for the key to unencrypt data files and access to the hospital’s computers. Hospital employees had been locked out of the data by this ransomware for 10 days and had been sending patients to other hospitals for treatment during those 10 days. Early reports indicated that the hackers had asked for $3.5 million originally. The ransom the hospital paid was cheap compared to the loss they incurred due to lost business, bad publicity, and time and effort spent trying to fix the problem themselves.
Did Hollywood Hospital have lax security on their computers and network? Probably not.
Did the hospital have deficient or outdated policies and procedures concerning computer security? Maybe.
Did individuals that work at the hospital practice unsafe computing? Probably.
The fact is, we could probably look say the same for almost every company and government agency in the world.
 
Ransomware is the latest plague of computer viruses that are infecting the global internet and computing environment. It’s malicious hackers and virus creators gone capitalist. Technically it’s a virus that infects your computer and any computer that you are openly connected to that identifies and encrypts your data and locking you out. Most of the more recent ransomware puts a timer in the virus that erases your data after a certain amount of time. The impact to a home user is you either pay for the encryption key or you have your home computers rebuilt from the ground up. The impact to a business is obviously much larger.
What can you do to?
As with any good safety plan prevention is the first step.
  • Make sure that the operating systems on your workstations and servers are up to date with all of the patches.
  • Use good anti-virus software and make sure it is up to date.
  • Use a popup blocker. One of the primary methods of delivering ransomware is through popups.
  • Install and actively manage a firewall on your network. This is like putting locks on your doors, keep the bad guys out. If you can, firewall between your employees and your servers. This may limit the spread of the virus.
  • Keep current backups of all of your important data. If the it’s important enough not to delete or you can’t recover the information without effort, back it up.
  • Disconnect or firewall your backup server or disk. This is one of the primary targets of ransomware.
  • Educate yourself and your employees. These attacks happen because someone opens an email or clicks on a WEB site or popup. Make sure everyone is aware of the threat and knows how they work. Paranoia is not always a bad thing!
  • Have a documented plan on how you will keep your business running and how you will deal with this disaster if you get attacked.
 
If you think or know you have been infected with a computer virus of any type, the first thing to do is disconnect the workstation from the network. For hardwired networks this means removing the blue cable from the PC. For wireless networks just shut off the PC and don’t turn it back on until you have your wireless network shut off.]]>