The Bay Area IT Experts

On July 29th, it was discovered that cybercriminals had “exploited a U.S. website application vulnerability to gain access to certain files,” according to the company. In the statement released on August 7th announcing the breach, Equifax reported that those responsible had managed to access information including names, birth dates, addresses, Social Security and Driver's license numbers. 209,000 people also lost their credit card information, and dispute documents with personally identifiable information were accessed affecting another 182,000 people.

The scope of this attack is staggering, especially considering that the total population of the United States is estimated by the Census Bureau to be 324 million adults. A quick calculation tells us that the 143 million potentially affected makes up a full 44 percent of the country’s total adult population.

As if this situation isn’t bad enough for Equifax, the activities of some of the company leadership are also being called into question. Chief Financial Officer John Gamble Jr., U.S. Information Solutions President Joseph Loughran, and Workforce Solutions President Rodolfo Ploder sold almost $2 million in company shares mere days after the breach was uncovered. While it is not yet clear if the breach and these sales are connected, Equifax has released a statement stating that the men had no knowledge of the intrusion when the sales were made.

The company’s stocks fell by more than 12 percent shortly afterward.

Equifax is currently working with state and federal authorities, including the FBI, and is actively alerting those whose information was accessed through the mail. We suggest that you keep an eye on your mailbox in case you have been breached.

There are plenty of websites and services, including one from Equifax, dedicated to determining whether or not your personal information was accessed--all you have to do is give these sites and services access to your personal information. In light of what has happened, we do not recommend taking this route. Instead, you should be careful to monitor your own financial information and to report any oddities to the proper authorities.

You may also be tempted to enroll in an identity protection service. Equifax themselves are offering a free year of monitoring from their service, called TrustedID. However, there have been reports that enrolling in this service will leave you ineligible to participate in a class action lawsuit against Equifax. If you decide to enroll, make sure you understand all of the fine print. Otherwise, you should make sure to go through and change your passwords and watch your credit statements for suspicious activity. This is especially true if you utilized any of Equifax’s business services, as your business could be affected as well.

If you suspect that your information was stolen, the Federal Trade Commission offers a helpful guide to determining if that is the case. If so, you need to report it to the Federal Trade Commission as well as place a fraud alert on your credit report.

Understand the Needs of Your Organization
What does the project do for your business? For example, are you implementing a new infrastructure design that makes data more easily accessed by your users? Maybe you found a better email system that you want to use over your old one. Or, maybe you understand that the cloud is the future of your business and you need to migrate all of your data. Whatever the project is, make sure that you know exactly what you hope to gain from it.

You want to ask yourself how the change benefits anyone else involved, too. Will it help your employees better fulfill their duties? Will it make your services more readily accessible to anyone who buys from you? Basically, you need to understand if it’s something that will be mutually beneficial for everyone involved. If it’s not, then why are you doing it in the first place?

Budget for Unexpected Circumstances
When you’re implementing a project, you have to follow the guidelines stated in the project’s budget. However, this isn’t always possible, as unexpected circumstances would lead you to repeat certain tasks, which naturally leads to wasted assets and wasted time. Furthermore, changes in the price of resources and labor could affect the timeline of a project. Suppliers may not be able to meet obligations, or prices may skyrocket to break your budget.

Basically, you should ask yourself what could go wrong when you begin implementing a new IT solution, and ensure that time is allowed just in case something happens which is out of your control. If you do this, the worst-case scenario is that your project is completed on-time and on-budget. If it’s finished as intended, however, you have a lot of extra time and capital to spend on other tasks following the implementation.

Find Ways to Judge Success
Key performance indicators should be a well-known part of your project implementation process. KPIs are what show how well your process works, and they can make or break the project implementation process in both the present and future. If you keep track of metrics like these, you can use them for future projects to make changes accordingly. Here are some of the KPIs that you should consider.

• Actual cost
• Cost Variance
• Earned Value
• Planned Value
• Return on Investment

Keep Everyone Informed
A project management team is generally made up of highly-skilled, specialized workers who are working together toward a common goal. Anyone involved in the project management process needs to stay in touch with the progress being made toward that goal so as to make sure that tasks aren’t done more than once. Most importantly, though, is that it’s important these tasks get completed properly so that they don’t need to be done more than once.

You can keep track of all tasks and resources assigned to a project through the implementation of project management software. It creates a single point of contact for all resources involved so that they can keep track of all progress made. It’s just one of the ways that project management solutions can help you keep your projects on-track and on-budget.

All of this might sound like a bit much, which is why we recommend that you go through an outsourced IT provider like 415 IT for your IT project management needs. To learn more, reach out to us at (415) 295-4898.

Make Sure Every Department is Represented: Many times, business continuity planning responsibilities fall to a single individual. Having someone take charge and drive the planning forward is great--but it’s important to make sure that every department is represented. As your company grows, this will become increasingly important, as the author of the plan may not be aware of the important technology needs for every department. Once everyone has their mission-critical information, processes, and three point of contacts for each department, the business continuity plan can be properly prioritized for efficiency.

Practice Makes Perfect: Just like with any plan, it’s always a good idea to test it out before it's put into use. Think of practicing your business continuity plan like a ‘fire drill’ for your business. Your practice might be as simple as reading over the plan and making sure that your team is familiar with business continuity. Is everyone aware of their role in the plan? Are your employees aware of a chain of command and who they should report to in the case of a disaster? Do you have a way to reach everyone involved? These are all things that should be run through. Additionally, practicing regularly will help you keep your business continuity plan updated, as you’ll see if there is anything missing or obsolete. Hopefully, you’ll never be in a position where you’ll have to put your plan into action.

The 3-2-1 Rule for Data Recovery: One of the most critical components of business continuity planning is backing up your data. When it comes to manually backing up your data, making a single copy is not sufficient to ensure your data’s recovery. What if the only copy was destroyed or damaged in some way? Or you were unable to locate it when you need it. IT experts have found that there is a process that takes the appropriate measures. The process is known as the 3-2-1 Rule.

This means that you should always take three backups of your data, two should be stored on different types of media (stored on a server, external drive, USB drive, etc.) and one that is stored offsite (in the cloud, for example). This will help you be prepared in the event that one of your backups are destroyed or damaged.

Of course, working with a partner like 415 IT means that you no longer have to worry about manual backups or storage locations. A disaster recovery solution will give you peace of mind knowing your data is safe and you’re free to focus on your core business. Our team is available to help you select the best data recovery solution for your business. Reach us at (415) 295-4898.