(Video) How to Protect Your Money and Cards within an SME from cybercrime

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime asks how small and medium business and not for profit organisations are securing the information about money and cards from cybercrime.

[Start of transcript]

Hello, my name is Roger. How do you protect the money and your card information within your organization?

Small or medium business not for profit organizations have a requirement to A. Collect money otherwise they get broke and B. To secure the information concerning that money and how it’s being collected and diversified and the banks getting the information.

But on top of that, if you’re running an e-commerce site for instance, then the information that people are putting into that page in the digital world is really important because the criminals are targeting that as well. So if you take payments from the internet or the digital world, or you run a system , how do you make sure that that information is always secure?

Now this is a major target for the cyber criminals because they know that most people, when they set up a website or set up an e-commerce site or accept credit card and PayPal information that they haven’t set it up because they might not know quite what’s going on, they’re not fully understanding what is required of protecting that information.

But on top of that, if you’ve got an e-commerce site, you need a payment gateway. Now that payment gateway is literally the gateway between your site and the bank. And you have to make sure that as you’re accessing that gateway it is in a secure fashion.

The other way you can accept money is through PayPal, or if you’re on places like EBay where they have a platform store, which actually points to a payment gateway.

So what do you need to do to make sure you’re protecting the information? Well, you got to make sure that you’re receiving information from your potential customers and clients and the moment it goes into their computer nobody else can reach into your system. The only way to do that is with a high level encryption component and this is where SSL and TLS comes into it. SSL encrypts all the information and the only people who understand what’s going on are the computer that’s sending it and the one that’s receiving it at the other end.

So protecting that information against cybercrime is also very critical when you’ve got the information itself. So you’ve collected the information and now you want to store it somewhere. Again, you’ve got to make sure that you’re storing that information in such a fashion that you cannot be hacked.

Thank you very much.

[end of transcript]

 

(Video)Why is a managed firewall a good business decision

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses why a managed firewall is a good business decision.

[Start of transcript]

Hi. May name is Roger and today I’d like to talk to you about why a managed firewall is a good business decision. Now, small and mediums business, not-for-profit organizations, SMEs in general are usually the people who go down to the local retail store and buy an off-the-shelf that connects your business to the internet. Now usually they are a dumb piece of equipment. Yes, they will have all the and they can connect and they have a rudimentary firewall in place but they’re not really or truly protecting your business.

To protect your business you need to have the next step up. You need to have what we call a UTM, a Unified Threat Management system. Now unified threats means it looks at all the problems that are on the internet. So it’ll manage your people going to infected websites, it’ll manage phishing attacks, it’ll manage intrusion detection. So it’ll tell you when people are trying to attack you. And that is very important as a business.

But when it comes to managing a business, you have a problem that next step up is also the next step up in how you program it, manage it, look after it. And in most cases you are putting CISCO, FortiGate, Palo Alto in place and you don’t have the expertise internally to manage it. This is where the managed service provider comes in. Because they have the expertise to manage it.

They have the expertise to make sure that it hasn’t got any problems. They have the expertise to make sure that no matter what happens you know that it’s been put in place properly. It’s got the right management in place, it’s been updated regularly and it does protect your business. And that’s what a good firewall does.

Thank you very much.

[End of transcript]

 

(Video) How to protect your Financial Information

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses protecting your financial information from cybercrime.

[Start of transcript]

Hi. My name is Roger and I would like to talk to you about how to protect your financial information. Financial information is not just the information that you’re collecting about other people. so it’s not just about credit cards, it’s not about security codes on the credit cards, it’s not about expiration dates. What we’re looking at is the financial information that you hold within your business.

So if you’ve got information about your bank account – who has access to it? Why have they got access to it? Have you segmented your business so that only the people who require access to your financial information have that access to the financial information? Or are you using one username and password that logs on for everybody in the business?

So you always have to look at what financial information is and how you are protecting it to a level where not only are you protecting the credit cards of your customers and the credit card information of the customers but you’re also protecting your bank balance and your bank accounts, and access to that accounts.

Because the cyber criminals are a very persistent group of people and they will go after anything that they believe makes them richer. So if you’ve got financial information make sure you are protecting it with all of the right things in place. So they have got secure passwords. Nobody has access to it apart from the people who need access to it.

Thank you very much.

[End of transcript]

 

(Video) How to prove your Cybersecurity is working

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses why you need to prove your cybersecurity and digital security.

[Start of transcript]

Hi. Today I’d like to talk to you about how to prove your Cybersecurity is working. So you’ve put a lot of defense processes in place and now you need to find out how secure they have made your business. Now, in most cases the IT department will their own run tests or your managed service provider will run their own tests.

But those tests are based on what they know about how it should be protected. So they’re using best practices and they’re using the patching and making sure it’s got all the up-to-date information on them. But you can never be sure that that system is now secure unless you have someone test it. But the trouble is we’re testing it, you have to find a person who’s not going to put patches. Who is going to tell you exactly what you need to do. And also not rely on them making a report to you and then expecting you to pay for the fix if there is one.

So making sure that cybersecurity is secure and your organization is secure is really an ongoing process. But the outside world or the people who are attacking your business are using automated systems. They’re using automated scripts, they’re using automated systems to access social media sites and learning how and what and who you are. So you have to make sure that your cybersecurity is working. So how can you do that?

Well one of the best ways you can do it is you pay to have someone try and compromise your systems. But trying to compromise your systems, they’re using the same attack factors that the bad guys are using. They’re using the same processes that the bad guys are using. They’re not relying on, we know there’s a problem and we know how to get past it. But they are relying on how the hacker or the script kiddie or the hacktivist is going to try to access your system. So one of the big things about the IT world is we’re very arrogant. We all admit that across the board. What I say is how I do things. And when it comes to IT that’s what a lot of people believe.

But the problem is, with that sort of attitude, is it’s got no room for someone who knows something about the system that I don’t know about. So if I’ve got an external person coming in to test my cybersecurity then I know that they are going to use a different tactics, they are going to use different systems, they are going to use totally different objectives to what I expect. And that is what cybersecurity is all about. They maybe only getting in but you’ve got encrypted information of – all your databases are encrypted.

Then if they do get in they still read information, you get a report, but you’ll also know that that information hasn’t been able to be compromised because it’s encrypted. So when it comes to how you’re going to make sure that your systems are working, you need to prove your cybersecurity. And if you prove your cybersecurity your information and your business and the people who trust you to hold that information is going to be very very high.

Thank you very much.

[End of transcript]

(Video) How playing a game can improve your DR

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses how playing a game can improve your DR process

Hi. My name is Roger. Today I’d like to talk to you about how playing a game can improve your disaster recovery. Disaster recovery is understanding what your business is going to do when everything goes catastrophic. So what are you going to do when building winds down? What you are going to do if flood waters come through? What happens if you get a cyber attack and they take out your main systems?

So disaster recovery is really important because it makes sure that you have the plan to go forward and go onto your business continuity and make sure everything works. But how do you test it. You don’t want to be in a situation where the first test that you do of your disaster recovery is when the flood water is flowing in under the door. Because that is not a place to be. And I can tell you it’s an experience that I wouldn’t wish on my worst enemy. So how do we test it? One of the ways we can test it and have an impact on the business is to actually physically do it. [Indiscernible 00:01:12]. What’s everybody going to do when everyone’s running around in circles? That is not really good and economical way of testing a disaster recovery. And disaster recovery needs to be tested regularly. Once every six months, once every three months, once every year minimum. So it needs to be done. But you don’t want to take everybody out of the loop and make sure that they literally stop working. If you stop working, all of that money, all of the revenue these people are generating is just going out the window. So what you need to do? Well, one of the things we’ve come up with is you play a game. You pick all your primary people around a table in a boardroom and you go [Indiscernible 00:02:00] and he will say, okay you’ve lost this.

Now what is your business disaster recovery system going to make sure that you can do about that? Is the back up in place? Where is the back up? Who’s got the back up? Is the backup [Indiscernible 00:02:18]. So let’s take out the server. The server has what? What are you guys going to do if you don’t have Exchange? Office 365, you just take an internet connection.

What are going to do now? That is what disaster recovery is all about. by finding out how you react to those cards [Indiscernible 00:02:43] will then you will find holes that you can resolve and make sure that when the real problem happens, when flood comes underneath the door, did you have a solution in place that is going to go, turn that off, pick it up and move it over there, hand it in, turn it off and off you go. Because that is you disaster recovery plan. So if you want to have a decent disaster recovery plan without using a revenue usually involved in testing it, then please contact us, we will quite happily come on the [Indiscernible 00:03:21] and make sure you that can do it. Thank you very much.

[End of transcript]

 

(Video) Will IOT impact your SME

Hello. My name is Roger and today I’d like to talk to you about will the Internet of Things (IoT) have an impact on your small business? Internet of Things is a new technology that’s coming out and is now becoming an underlying component of a number of things. Internet of Things relies on two things. One being able to report to something and Internet of Things device can be collecting data about anything.

So, for instance as a product for tracker if you want to make sure that your mobile phone – well not mobile phones, it’s a bit big for that – but your laptop can’t be stolen, you set a little tracker that [Indiscernible 00:00:48] and anywhere in the world that will tell you where it is by using the internet and a large number of other systems that they’ve got in there.

How about the pro-fit systems that are now coming out. Where I can put a band on my wrist, it will tell me my heartbeat, my blood pressure and how much sweating and whether I need to drink in…All of those components.

Now for small business, pro-fit may not be a good fit. But things like tracker would be because the Internet of Things is going in that direction. We are building devices now that are going to benefit people. We used to have systems that were complicated, not very robust. Whereas Internet of Things, you can buy one, put it on whatever you need it to do to monitor and report back to you.

And it will last for twelve or eleven months without changing batteries. And it’ll talk to whatever device you’ve set it up to talk to. So if it’s got a Bluetooth component, as I set pro-fit, it talks to your phone which then tells your main system how fit you are and what you’re doing and why you just had a [Indiscernible 00:02:02] heartbeat because you’ve been pushing too much.

So that’s what IoT will do. So the impact it will have on your business over the next five or six years is going to be pretty huge. And it’s something you need to start factoring in when you’re thinking about how you well you are going to do business going forward.

Thank you very much.

[End of transcript]

 

(Video) How mobile is your business

Hi. My name is roger and today I’d like to talk about how mobile is your business technology. And why does your business need to be mobile. Business world has changed rather drastically in the last couple of years but more and more people are doing business on mobile phones, tablets, laptops.

Because they can. Because all the associated systems utilize the cloud technology component of any business. So if you want be able to collaborate and you don’t know quite how to do, but you have an application that does that.

Then the application needs to be able to be used in a coffee shop. And you need to be able to get into that application at home. And if you’re [Indiscernible 00:00:52] where you’re doing project management, all of those emails that then come through the system saying you need access to the system at all time.

But the mobility is really critical about one other thing and that’s the connection to the digital world that device has. This 3G or 4G is irrelevant. As long as there is a component that connects you to the rest of the digital world then you can utilize and make your business mobile. But mobility doesn’t mean everything has to go into the cloud.

By having components like info soft for instance which is a sales component you can utilize, you don’t really need it on phones. You may need it on tablets because you can then go and have a meeting with someone and take notes directly into the system.

Very hard to do it as a phone device. But it can tell you when you have an appointment, and where you have to be, and why you have be there and what you are talking about. So mobility today in business is really really important because that’s the way we are going.

In the next five years we may not need offices because everything will be in the cloud. You will be working from home, everybody will be able to work in coffee shops. A great idea have a business where everybody can come to you and between everything else and all you can serve coffee. So how mobile is your business technology? It depends on your requirement.

Thank you.

[End of transcript]

 

(Video) What is the cloud Computing?

Hi. My name is Roger and today I would just like to do a brief synopsis of what the cloud is and why we are using the cloud.

Well the cloud we are using nowadays has a number of reasons. 1) It’s inexpensive, 2) it reduces your infrastructure costs and there is no capital [Indiscernible 00:00:20]. And it also becomes not a capex but it is an operational expense.

And that is some of the reasons. It’s no longer a case of you have to spend thousands of dollars to buy a server and another thousands of dollars to find an operating system and then put that over in a corner and you have power to it and Ethernet cables and lots of stuff. So cloud is like buying electricity.

It’s now a resource that we can consume and utilize and then get rid of as we need. But there are three types of cloud. There’s the public cloud, which is everybody. So things like Dropboxes are a public cloud environment.

Office 365 is a public cloud environment. So anybody can use it and anybody can get on it. Then we have a private cloud. Now a private cloud is a cloud that’s supplied by a cloud provider but only one customer can utilize it. And that information on that customer is where this information is going to be stored. And then manage it for you. And then on top of that you got a hybrid cloud. So you can have a bit of public and a bit of private.

Even though at most times they won’t talk to each other but you can have storage in one place. You can have operating systems in another. But what do we use the cloud for? Well, utilization of the cloud, there are three main levels. So we can have infrastructure as a service. That’s where I go and buy a virtual server.

I manage the server but they manage the hardware. So with them looking after the infrastructure, everything that’s above the infrastructure is our responsibility. And again you need people to be able to — who know operating systems, you need people who know applications, you need people who know SQL and Web Data and all of that.

The second component is we have platform as a service. This is where you have – the cloud provider provides the server and the operating system – and that gives you a platform to be able to do everything else that you need to do.

But in both of those cases when it comes to things like antivirus, updates, how you manage it, that’s all your responsibility. And then finally we have software as a service. Software as a service is just the data. So you don’t have to manage every Exchange because Office 365 does — all that does is connect to the Exchange that you have got and then it can send out your email.

Office 365 for instance, for things like Dropbox and OneDrive and any of those Microsoft products that have a component that is in the “cloud”. So you have access to that data because it’s the storage area but that is what the cloud is. So those three things: infrastructure as a service, platform as a service and software as a service is way that derivatives of cloud is coming from.

And you can utilize any components of those. You no longer have to spend $25,000/- getting a server and putting in plugs because you can spend $1000/- a month doing everything you need to do from the server which you’ve got as infrastructure as a service.

Thank you very much.

[End of transcript]

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   Rapid Restart Appliance Creator.   He is a Speaker, Author, Teacher and Educator on cybercrime and how to protect yourself from the digital world. 

(Video) Why all SME’s need a Helpdesk

Today I’d like to talk about why all SMEs need a helpdesk. So first things first. What is a helpdesk? A helpdesk is where you have the ability to ring up someone and say, I need some help and this is what I need for you to do. Now a helpdesk can be contacted through a number of options. You can just send them an email. Fax them if you’ve got a fax machine or you can just pick up the phone and talk to them.

And their role behind your business is to help you out of why you have a problem and what that problem is and get your [Indiscernible 00:00:39] working with you. So how can it help with small business? Well, small business, with the increase in technology and increase in complexity of technology needs somewhere to go, ‘what do I do here’. But that helpdesk, if done properly, can also say, when the boss rings up and goes I need to know what I can do about x.

Can I put this system in place and is it going to impact these other systems? And that is a really good way of using a helpdesk. Now helpdesk is usually supplied by a managed service provider. And that managed service provider probably has a large number of other things in the background that are working.

But for a small business a helpdesk is really critical because it takes away that nagging ‘everybody get involved because Jim or Joey can’t print from the third tray. So everybody is opening bits and playing with bits and you’ve just lost five hours’ worth of productivity because he can’t print because he doesn’t understand what’s going on.

Whereas you can pay 25 cents or $25 for someone to come in or someone to come over the phone line or as a remote connection to his desktop and workout what the problem is, rather tie him up and everybody else can go back to work. So that’s one of the good aspects of having a helpdesk. The other aspect is, as I said before, is that you can have people on the back end of a helpdesk helping you make decisions about your business.

So they can be there and you can say, ‘should we move to the cloud?’ I want to know. What repercussions if we move to the cloud are going to be involved? Okay, yes you’re going to have a monthly cost. But is it going to impact our internet connection? How we’re going to print it from our servers in the cloud if we want to print from here.

That information is also very important. But as I said, an MSP whose primary helpdesk is probably supplying a lot more as well. They are probably monitoring your systems. So, with luck, that problem that you’re having with tray three wouldn’t come up because they would’ve been alert to come up and say Joey is trying to print to tray three and that printout hasn’t gone to tray three, and that type of thing.

And on top of that an MSP will also give you reports. How many times people have rang the helpdesk? How beneficial it is to your business? What is the next step going forward? So why do all SMEs need a helpdesk? It makes you more productive.

Thank you very much.

[End of transcript]

 

(Video) How does an Managed Service Provider (MSP) Control your Business Costs

How do managed services control the cost of your business?

Today’s technology is complicated. We have so many catch phrases and so many different words and so much jargon around that it’s very hard for small businesses who are not in the IT space to understand what they need to do, how they need to go forward, what technology and systems do they need to have in place to gain the best advantage against their opposition and to get more customers and clients.

When it comes to managing your technology within a business, there are two things you can do. There are three things you can do, but two of them we’ll talk about. We’ll talk about the first one, which is you have someone on task who is onsite, one of your salespersons for instance.

When it comes to technology, we’ve found and I think you’ll find that you’ve found, that the person who has been assigned to look after the computers likes to play with the computers all the time. They like to be in a situation where they don’t have to do their main role, their money-spinning role. They would rather look after technology, make the printer work, play with the firewall.

So not only are you now paying a person to do two jobs, one job is always going to be a failure compared to the other one. When it comes to managed services, and most managed service providers have different plans, you can get someone who will manage your technology.

So little Johnny can now go back off and be a salesperson or a marketing person or the secretary, whatever he used to be. Or in most cases, and in a large number of businesses, the CEO or small business manager. They can now go off and do what they need to do to make the business grow.

What we find in technology is that over a yearly period, the cost of the technology will change. So in January it might only be $100. In February you had a server failure, and it’s $2K, and that’s not including hardware, software, that sort of stuff. In March, it’s gone down to $700. April it’s down to $200, and $200 again , and $1700 because you had to buy and install a new printer and manage it and all that sort of stuff.

So you end up with this type environment where you’re spending lots of money at some times, and you’re not spending very much money at other times.

With a managed service provider, you have a constant fee in most cases starting around $495. They will say, yes, you’ve got a problem, and you’re going to lose money here. But you’re going to make money here. You’re going to lose money here and there. That type of thing.

So over the flow of a year, you may have spent $17K on your IT, with break-fix, as we call it, compared to 12*495. And that 495 will include things like monitoring and management, reports, it will make sure that your people are educated, that your people understand how things are working.

Sometimes if you want to pay a bit more you could have a virtual CIO, Chief Information Officer or an IT manager who will then talk to your management team, work out where your management team want to go, and then discuss what technologies you need to do to get there.

Because when it comes to this, these people know what they’re doing. The technology they’re going to employ is going to improve your business. And it’s no use having someone onsite saying, let’s go buy that. But you don’t know what else it’s going to do, how it’s going to achieve the rest of the business target market.

So as you can see, managed services can create a level field. You get a monthly fee, some things you get a service level agreement. We will have a person on site within an hour, we will have someone answering the phone all the time, we will have monthly reports, monitoring of all your systems including things like iPhones and iPads and Androids, tablets, all of that as part of the managed service plan.

So as you can see, managed services, and managed security services can save you a lot of money.

So if you want to see or talk to anybody about managed services, please contact us. Thank you very much.