How likely is your business to be able to recover after a disaster? According to FEMA (Federal Emergency Management Agency), 40% of businesses affected by disaster never reopen. Additionally, 25% more fail within the next two years. The consequences of a poorly thought out or non-existent disaster recovery are clear. No business or organization should risk overlooking this critical need.

Natural disasters including hurricanes, earthquakes, and floods come readily to mind when thinking of disaster recovery. And during California’s severe drought, wildfires are of course of grave concern. There are other kinds of disasters to be aware of too. Can your business recover from data loss caused by a power surge? Can your company still function if the majority of the employees are struck by an influenza epidemic? How well can you recover from a security breach?

Your disaster recovery plan should also take into account relatively mundane concerns that can still have a profound effect on your business, including loss of internet service for an extended period or a server crash at a busy time.

Cloud technology is one way of minimizing your risks during a disaster, since it can allow you to place key functions off site in areas at less risk. And while no one can plan perfectly for all possibilities, there are several steps you can take to further minimize your risks. Before disaster strikes you can plan ahead, making sure to consider the following:

●    Your business location – If a disaster means you can’t do business in your usual location, you’ll need to have an alternate location planned. You may need to arrange to transport employees, equipment, data, and supplies.
●    Staying in touch with your customers – Also develop a plan for how you’ll let your customers know your new temporary location and how to contact you.
●    Documenting your property – In addition to keeping an up-to-date inventory of all of your equipment, consider taking pictures of your property to assist your insurance companies if they need to assess damage.
●    Meeting your emergency cash need – Develop processes for how you’ll manage cash flow. You’ll want to be sure necessary bills continue to be paid as well as being able to deposit payments from your customers.
●    Identifying what’s needed to keep your business running – Prioritize your critical business functions and consider how quickly you’ll need to get each function back up and running.
●    Educating your employees – You’ll need to be able to communicate with your employees during a disaster, of course. But all of your planning will be for nothing if they aren’t trained in your disaster recovery processes before a disaster actually happens. Make certain that your employees know what they need to do ahead of time and that they have access to important contact information for vendors, suppliers, your insurance companies, etc.

A final step to consider in any disaster recovery plan is to re-analyze your processes

What is “social engineering?”

Even if you think you’ve taken every possible step to make certain your data is secure, there’s one aspect of security you may well have overlooked – exploitation of the human factor, which is also referred to as “social engineering.” In the context of IT security, this involves the psychological manipulation of people so they act in a way that allows attackers to get past technological security features, or so they share information that should be confidential. For example, rather than trying to break into a system or crack a password, an attacker would instead persuade a human user to give them a password.

What are some kinds of social engineering to watch out for?

Phishing: This is a technique of getting confidential information by fraudulent methods. It can involves attempts to acquire user names, passwords, credit card details, or even money. Phishing attempts frequently make use of the following techniques to make people more likely to share information:
●    Using link shorteners or embedded links to create apparently legitimate links. After these links are clicked, they direct the victim to websites created for fraudulent purposes.
●    Using threats to create a sense of urgency and fear so the victim will act quickly without thinking through their actions (e.g., “Your account will be canceled unless you act immediately!”).
Tips for preventing phishing: You and your employees should be wary of requests for information that should be confidential. Take the time to verify that these requests are legitimate before providing information.

Tailgating: Also known as “piggybacking,” this kind of attack refers to a method of entering an unattended but secured area by simply walking in behind a person who has the proper access. After gaining access to a secured area, an attacker has much easier access to unattended laptops, etc.
Tips for preventing tailgating: You and your employees need to create an atmosphere where it is not considered “common courtesy” to allow entrance to unknown people who do not have the proper security credentials. While it might seem polite to hold the door for another person, train employees to only do so if they also verify that the other person has the appropriate security card or other credential.

Quid pro quo: Quid pro quo means, “something for something.” These attacks involve a promised benefit in exchange for information. For example, a common type of attack can involve a person who makes multiple calls to phone numbers at a company, pretending to be a technical support representative calling to help with a reported problem. Odds are good that after enough calls, they’ll stumble upon a person who does, in fact, have a problem. At that point, the attacker may exploit their victim by having them install malware or otherwise give the attacker access.
Tips for preventing quid pro quo attacks: Technical support representatives should be able to provide identifying information (e.g., a ticket number for a reported issue) before you or your employees trust them with information or access. More generally, you and your employees should be wary of offers that appear “too good to be true,” and of unexpected offers to improve credit scores, financing, and so on.

Additional tips to avoid social engineering attacks

Don’t be in a hurry – Attackers want you to act before you think. When dealing with suspicious requests, remember to slow down.
Be wary of unusual emails – If an email that appears to come from a trusted source seems odd to you, that source may have been hacked. Verify the source of the email.
Educate and train your employees regularly – Make sure everyone in your company is familiar with the various types of social engineering attacks and that they know which information is considered confidential.

REGISTER FOR OUR LUNCH AND LEARN EVENT BY CLICKING HERE

Our hands are fast and precise instruments, but so far, we haven’t been able to capture their sensitivity and accuracy in user interfaces. However, there’s a natural vocabulary of hand movements we’ve learned from using familiar tools like smartphones, and Project Soli aims to use these motions to control other devices. For example, your hand could become a virtual dial to control volume on a speaker, or a virtual touchpad to browse a map on a smartwatch screen. To make our hands self-contained interface controls, the team needed a sensor that could capture submillimeter motions of overlapping fingers in 3D space. Radar fits all these requirements, but the necessary equipment was just a little…big. So the Project Soli team created a gesture radar small enough to fit in a wearable device. It’s a new category of interaction sensor, running at 60GHz; one that can capture motions of your fingers at resolutions and speeds that haven’t been possible before—up to 10,000 frames per second. To get there, the team had to reinterpret traditional radar, which bounces a signal from an object and provides a single return ping. From a hardware and computation perspective, this would have been challenging to recreate on a small scale. So to capture the complexity of hand movements at close range, Soli illuminates the whole hand with a broad radar beam, and estimates the hand configuration by analyzing changes in the returned signal over time.