Alert & Declare: (877) 364-9393
Member Emergency Hotline
Emergency Hotline
Agility Recovery +

Employees of Hollywood Presbyterian Medical Center received a nasty surprise when they discovered that a hacker had infiltrated the network and taken the computer systems hostage using ransomware. In exchange for the decryption key, the hacker demanded 40 bitcoins, which was approximately $17,000 at the time. In the interest of restoring the network quickly, the CEO decided to pay the ransom.

The hospital reported that patient care wasn’t compromised, but the incident is yet another example of the sobering prevalence and potential impact of cybersecurity threats.

While some organizations are greater targets for cybersecurity breaches because of the type of data they handle and its value on the black market (healthcare and financial organizations are prime targets), no business is impervious to cybersecurity threats. Here are five of the most important things you can do to prevent or minimize the impact of a cybersecurity breach on your company.

Protect the Perimeter

The most effective way to prevent the spread of malware is to thwart it before it penetrates the network. This might seem obvious, but even big firms lack adequate security protection. Make sure your business uses a perimeter anti-virus that can filter out viruses at the network edge in a complementary manner to PC-based anti-virus services.

Sometimes, though, even if a business is using anti-virus software, malware breaches the perimeter and resides in the network unnoticed. That’s what happened in the infamous Anthem breach — the hack is estimated to have started as early as April 2014, but it wasn’t discovered until January 2015. To prevent an ongoing breach, implement intrusion prevention services that inspect, quarantine, and log any suspicious activity.

Beware of Outdated Software

In a recent survey, Cisco technicians analyzed 115,000 of its devices installed in customer environments, viewing them as they would be seen from the Internet. They discovered that 92 percent of the devices examined were running software with 26 vulnerabilities on average. They also found that some customers in financial, healthcare, and retail sectors were running outdated software.

Because software updates usually include patches for newly discovered vulnerabilities, running earlier versions of the software could leave your network susceptible to a security breach. Be sure to install updates as soon as they’re available.

Protect Data

As one senior managing consultant for an e-discovery firm points out, just because a hacker is successful at breaching your network perimeter doesn’t necessarily mean your critical or sensitive data has been compromised.

To protect your sensitive data, however, it needs to be encrypted. You should also maintain full backups of your IT environment. Backups are crucial if your network is taken hostage by ransomware, as Hollywood Presbyterian Center’s was. In this scenario, you can avoid paying the ransom by restoring your network from a backup. As a caveat, this strategy won’t work if your backups have also been infected by malware — another reason having intrusion detection services is important.

Educate Staff

Human error accounts for about 52 percent of the root cause of security breaches. When it comes to cybersecurity specifically, phishing is a major culprit. Most computer-literate people are aware that they shouldn’t click links in suspicious emails or enter information on web pages that appear untrustworthy, but hackers are becoming more sophisticated in their methods, and it’s becoming harder for people to spot phishing attempts.

Whaling is especially notorious for scamming employees. In this phishing method, highly customized emails containing the target’s name, job title, or other information are sent to a high-profile recipient (usually a C-level executive) from a source that mimics a person or entity the recipient is familiar with.

To help your employees avoid making a critical error or being duped by hackers, make sure you educate employees on handling sensitive data with care and on how to identify phishing emails. Also, give them a clearly outlined process for reporting any suspicious emails.

Give Employees a Secure Way to Work Remotely

It’s rare nowadays for a company not to have some employees that work remotely at least part of the time. However, if those employees connect to public Wi-Fi networks to do their jobs, they’re putting your company data at risk if they don’t take the proper precautions.

Ideally, your employees should have the ability to access your network through a company virtual private network (VPN), which encrypts traffic between the employee’s device and the business’s network.

These recommendations are only scratching the surface of a thorough, effective cybersecurity plan. For more tips, review the Federal Financial Institutions Examination Council (FFIEC) Cybersecurity Assessment Tool.

When you created your business continuity plan, you were probably thinking about what would happen if the building burned down or flooded. These kinds of natural disruptions are easier to anticipate. But what will you do in the event of a ransomware attack?

If you’re not already planning for this kind of event, you should start soon. Business continuity planning can help you lessen the impact of information theft.

What Are Ransomware Attacks?

Ransomware attacks are a form of hacking that perpetrators use to ask for compensation to return your files. Somehow, they have gained access to your databases and encrypted all the information, rendering it useless. These hackers will then typically ask for a sum of money to decrypt your files. If you don’t pay, the price will increase, or they’ll leak everything they’ve collected.

While the most obvious targets might be big businesses, smaller businesses often find themselves vulnerable. Department of Homeland Security Secretary Alejandro Mayorkas said that small businesses account for up to 75% of ransomware attacks. So how do hackers gain such easy access to business data?

These attacks often start through phishing scams and drive-by downloading. Hackers will send fake emails telling you your password has been compromised or you’ve won a huge prize. Once they get you to click on the link, they can access your new password or download malware onto your device. They could even gain access from company laptops and phones that haven’t been secured before selling or discarding.

How Business Continuity Planning Can Help

So, what can be done to reduce the damage brought by ransomware attacks? This is where establishing a business continuity plan and recovery strategy will be a tremendous asset.

1. Details How Long Operations Will Be Down

Part of your continuity plan will be determining how long it will take to get your information back. If you’ve been regularly scheduling backups of your computers, you will be able to restore them in however long your IT team believes it will take.

However, the cost of not performing backups could be very high. While the ransom cost could be low, the average business took about one month to recover from an attack — and if your business is down for more than five days, there’s a 90% chance it will go out of business within a year. Figuring out how long your services will be down will mean the difference between getting back to normal or closing your business.

2. Establishes Whether You’ll Need to Pay the Ransom

By choosing beforehand if you will pay the ransom, you can react accordingly to the situation. By deciding not to pay the ransom, you may choose to perform routine backups and keep data stored in a way you can access. If you opt to pay for your information, you’ll need to plan what to do if hackers refuse to give you all your material back.

3. Lessens Overall Costs

After preparing for these scenarios, you can lower how much a ransomware attack can cost you. Instead of losing out on an entire month of business, business continuity planning can help you get back up and running in much less time. Having a plan in place may mean not paying the ransom at all. Only 61% of encrypted data, on average, is returned if victims hand over the money.

How to Develop a Plan

Once you’ve seen what ransomware attacks can do to your business, you might be more interested in developing a comprehensive business continuity plan. Here are a few preventive measures and steps you can take.

1. Use Zero-Trust Security Architecture

Many businesses use a castle-and-moat security model. This means no one outside the network is allowed access to anything, but anyone within the organization is. This is flawed because hacks could come from within your network.

Zero trust means everyone attempting access is seen as a potential threat. It establishes trust based on identity, so hacks are easier to prevent, and breaches are more easily located.

2. Use Software and Hardware Against Attacks

With a solid plan for the worst-case scenario, you can prevent the worst from happening. Use anti-malware systems to stop any outside entities from infecting your system.

If something malicious still gets through, you can have both hardware and software firewalls to prevent access to sensitive information. If you anticipate ransomware attacks, you can know how best to hinder hackers.

3. Describe How Long Recovery Will Take

If you’ve still been hacked after deploying these security methods, establish how to begin restoring your data. Figure out the length of time you can be non-operational before it starts to affect you adversely. Find out when the attack occurred and how far back you’ll be able to restore information. Identify how long it will take to erase all malware and reinstate your backups.

Finally, analyze the time it will take to re-enter any lost data. Once you prepare these strategies, you’ll be better equipped to deal with attacks.

4. Perform Frequent Backups

Backups are the best way to restore your data without having to pay a ransom. However, you need to perform backups frequently in order to make them effective in an attack.

How often you do them depends on how much you think gets done in a day, a week, or a month. Would losing even a day’s worth of data be detrimental? If so, you’ll want to consider backing up your computers each day. Also, decide whether you’ll use on-site storage, cloud storage, or both.

5. Disaster Recovery as a Service

More commonly known as DRaaS, this is another form of information backup. Disaster recovery as a service stores your entire infrastructure, meaning you can continue to operate from your service provider’s cloud.

This can help if the time it will take to delete the malware and reinstate backups is too long. Then, once your servers have been restored, any processing or data is transferred to them. DRaaS means you can continue operations almost instantly while working on fixing your home base.

Test Your Recovery Plan to Reduce Ransomware Impacts

When dealing with a ransomware attack, prevention is the best step. Business continuity testing is the best way to fail-safe your strategy and confirm that you will meet your recovery time objective. 

Zac Amos is the Features Editor and a writer at ReHack, where he loves digging into business tech, cybersecurity, and anything else technology-related. You can find more of his work on Twitter or LinkedIn.

Facing a natural disaster that could impact your bank or credit union is daunting. Here’s what you can expect when you work with Agility on a post-disaster recovery.

Monday, October 3

The National Weather Service has issued a statement that an approaching tropical storm has the potential to turn into a hurricane, with landfall on the Louisiana coastline predicted in three days. Several states, including your bank’s home of Louisiana, have been put under a hurricane watch. The storm is estimated to have 150 mph winds and may drop more than three feet of water upon landfall. Due to the likelihood that the hurricane will affect at least one of your bank branch locations, you call Agility and put your company on alert status. Agility talks through costs and benefits of viable solutions should you need to declare and puts equipment and personnel on standby.

Wednesday, October 5

The National Weather Service predicts landfall as a category 4 or 5 hurricane within 36 hours, and Louisiana has been placed under a hurricane warning. The area is facing mandatory evacuations.

Thursday, October 6

Hurricane Laura damage

The storm slowly tracks inland towards your branches, dropping more than six feet of water in some areas. The region is affected by severe flooding and damage, including downed power lines, trees blocking roads, and substantial property damage. Local law enforcement has ordered a shelter-in-place and established a curfew until Friday afternoon. Agility is keeping a close eye on the damage to your area and is prepared to deploy equipment as necessary.

Friday, October 7

setting up an MBC

You are granted access to your facility to assess whether you and your employees can return. There is substantial damage, including to computers, servers, telecommunications hardware , and the overall structural safety of your building. You estimate that your facility will not be operational for at least 2-3 months, or potentially even longer due to supply chain issues . You call Agility and have a conversation with your test and declare manager (TDM) and other members of the operations team to determine your needs based on the equipment and facility’s current state. Once the team has vetted your set of needs, Agility provides your recovery quote and timeline for your backup solution. Agility then mobilizes resources to your site to begin your recovery.

Saturday, October 8-Sunday, October 9

Truck delivery

Agility works through the weekend to make sure you and your branch are secure, while you check on the safety of your employees and community and ensure all permitting is ready for your mobile bank unit. Within 48 hours, Agility has deployed a mobile branch unit to your location.

Tuesday, October 11

Agility Mobile Banking Center

Agility arrives on site with your mobile branch unit, and spends the next 24 hours setting up your remote bank branch, complete with:

  • Drive-up window
  • Private office space
  • Waiting area
  • Conference area
  • Employee workstations
  • Teller stations
  • Compliant safe
  • Night drop box
  • Cash drawers
  • Restrooms
  • ADA accessibility
  • Check-writing stand
  • Alarm system
  • Satellite and LTE communications
  • Computers and printers

Thursday, October 13

Bank teller inside mobile bank unit

Your bank, within the MRC, is now operational. You can assist customers, provide cash advances, and be an overall hub for the community as it recovers from the storm.

Wednesday, February 22

Your brick-and-mortar branch can return to operations after renovations and equipment replacements. Agility returns to pack up the equipment and remove it from your property – no need for you to lift a finger.

Branch Resilience

Over the last 33+ years, Agility has partnered with banks and credit unions to understand your unique business continuity needs and provide tailored recovery services. Our goal is to meet your business challenges and deliver a quick, flexible, and cost-effective solution while keeping you audit ready. Reach out to us today for more information about our purpose-built solutions for the financial industry.

Did you know that the United States experiences the most power outages ? Compared to other developed nations, the U.S. experiences more extensive and severe power outages that can leave people without electricity for an average of four hours; many of these outages result from severe spring weather. Power outages aren't the only impact spring can have on the weather. High risks for flooding and storm damage can harm your business, consumers, and employees. How can you prepare for severe weather this spring? We have put together a complete guide on how you can start prepping now for upcoming weather, so keep reading for more information!

How Severe Weather Affects Businesses

Business continuity starts with expecting the unexpected. Weather can drastically impede how your business functions and, in return, how it performs. Here are a few ways that severe weather hurts your business :

  • – Customer habits
  • – Prices
  • – Employee performance
  • – Property

Customers change their habits based on the weather, and you should closely analyze how your business does quarterly for a better idea of how weather plays a role. You might notice an increase in consumer traffic or purchases during certain months, which can affect your staffing and business operations. Price fluctuations and weather can go hand-in-hand. For example, poor weather or winter months can increase oil demand and prices, and agricultural businesses rely heavily on weather patterns that affect crop yield. Employee performance can also tie into the weather since bad weather could affect an employee's ability to get to work or finish a project promptly. Luckily, remote work has helped lessen the effects of poor work performance if your business can adopt flexibility. Lastly, storm damage can directly result in business property damage. Your business's property includes both IT and physical property. Storms can cause power outages and lost data, which is critical for companies requiring 24/7 online support. When your house loses power, you can sit back, light some candles, and enjoy each other's company. With your business, even hours of being down can result in significant losses in revenue.

Spring Predictions

On March 20th, the shift into spring officially begins. What can you expect for spring weather this year? For many, spring weather isn't necessarily something to look forward to when trying to keep a business flourishing. In Southern and Western states and parts of the Midwest, we can expect higher than average rainfall, increasing the chances of flooding . Warmer-than-average weather can draw more people outside and increase online or in-person traffic to your business. Start preparing now for flood and storm damage by ensuring that you have a business continuity plan in place.

Physical Recovery

Physical recovery is relatively straightforward and can help your business recover from power outages, natural disasters, and more. Approximately 40% of businesses who experience power outages never reopen, so don't let that be you! If your business is physically compromised, you have a few options:

  • – Backup tech equipment
  • – Office space
  • Backup generators
  • – Maintaining networks

Spring weather can act similar to the hurricane season with unrelenting winds, rain, and floods. Be sure your business is ready by checking in on these five key business points:

  • – Employees and customers
  • – Property
  • – Processes
  • – Products
  • – Partners

Ensure your property is physically secure and that your files are safely backed up . Confirm continuity plans and emergency action with your partners and employees so that everyone is on the same page. Lastly, keep tabs on your products and manage customer expectations when preparing for storms this spring.

Remote Work

A business continuity plan can include remote work or options to work from other offices. Look for products like ReadyTechGo technology , which provides:

  • – 40 hours of battery life
  • – Cellular connectivity
  • – WiFi set-up
  • – 24/7 technical support
  • – Portability (e.g., water-resistant, lightweight)
  • – Flexible shipping

It's the ultimate emergency tool to have on hand that can keep your business up and running this spring, useful for critical workers or accessing necessary business documents.

Data Recovery Importance

What is the importance of quick data recovery ? Backing up your data in a cloud or through other means ensures your business is back online within hours versus days or weeks. Small- to medium-sized businesses can benefit from the added cost of data recovery services since minor hiccups can lead to permanent shutdowns or loss of revenue.

Keep Your Business Running This Spring

Is your business ready this spring? Spring weather can bring flooding and storm damage to your business. Not only can you physically not make it into work, but you could experience downed power lines and data crashes. Luckily, you have plenty of time to start developing emergency plans for your business that help you tackle any problem thrown your way. For business continuity testing and recovery solutions, contact us today and let Agility Recovery help you get started.

Unlike hurricanes or tornadoes , earthquakes don't occur at predictable times or in predictable patterns. Earthquakes rarely give any warning, which is why they present such a challenge to preparedness. One earthquake doesn't cause much damage, but large earthquakes can cause widespread destruction and loss of life. Any organization's emergency plan should consider how to protect employees, assets, and business continuity. In this article, you'll learn the best ways to prepare for the unexpected and keep your business intact.

Preparing Your Company for an Earthquake

Earthquakes are one of the most significant threats to business continuity, with devastating effects on companies, employees, and customers. Earthquakes occur in remote, high-risk areas with few or no warning systems, making them nearly impossible to predict. In the aftermath of an earthquake , employees are often left without access to their offices, computers, or other critical infrastructure they need for their jobs. Moreover, disasters often disrupt transportation networks, telecommunications lines, electricity grids, and water and sewer systems, making it difficult for employees to get to work. You can reduce the potential impact of an earthquake on your business by ensuring that you have an emergency plan and conducting regular earthquake preparedness drills. This enables you to assess your workplace's vulnerabilities and plan for potential disruptions, which can reduce the chances of injury and damage.

Establish an Emergency Plan

You should establish your company's emergency plan ahead of time. In addition to routinely training employees on what to do during an emergency, you should encourage all the key stakeholders in your company to participate in an emergency training exercise. You and the key stakeholders should also establish an alternate worksite if possible. In a natural disaster, your employees will appreciate the level of preparation you put into a disaster plan.

Design Your Company’s Emergency Plan With the Following

  • – In the event of an earthquake, it is essential to establish a designated emergency area outside of the workplace. Ideally, the location should be open-air and free of other buildings or power lines. Make sure that your employees are aware of the site of the designated emergency area.
  • – After evacuation, designate one or more individuals to conduct a roll call of employees, depending on the size of your company.
  • – Having teams handle basic first aid, search and rescue, fire and evacuation, damage assessment, and security is an excellent way to involve your employees in the process.

Prepare Disaster Supply Kits

You can also mitigate your employees' injury rate if you have a disaster supply kit on hand after an earthquake. During a time of any disaster, you may lack access to food, water, and information, for some time. A disaster supply kit at your workplace needs to contain, at the very least, the following:

  • – Bottled water
  • – Hand-crank or battery-powered radio
  • – Additional batteries
  • – Emergency first aid kit
  • – Emergency whistle
  • – Local maps with information about the nearest hospital and police station
  • – Chargers and backup batteries (or power banks) for cell phones
  • – Pain relievers and other non-prescription medications

Develop a Business Continuity Plan (BCP) and an Emergency Action Plan (EAP)

Business continuity plans and emergency action plans are essential components of every business. BCPs ensure that a company's ability to respond to and recover from the unexpected is protected and minimizes downtime for the organization. Your employees need an EAP in case of an emergency to know what to do. Getting expert assistance can be an excellent way to build a fully actionable EAP and BCP for business owners without the time or expertise to do so themselves. The best way to determine whether your plan will effectively protect your organization is to partner with Agility’s expert business continuity testing team to develop a testing protocol tailored to your unique needs. Both weather and technology failures can account for power outages. Business owners should prepare businesses to support their productivity even when faced with a power outage and consider a backup plan that includes additional computer equipment , an emergency power supply like a generator , or a portable power and connection pack like ReadyTechGo .

Store Information Remotely

Businesses should have all critical company information, including client data, work orders, contracts, intellectual property, marketing information, and other sensitive materials, safely stored in the cloud if an unexpected disaster hits. Businesses should also have critical business data, like employee training records, sales records, and financial statements, on a remote server. Having the valuable materials mentioned above will enable your company to do business still while handling the aftermath.

Prepare Your Employees to Deal with Emergencies with Training and an Emergency Messaging System

As a result of a natural disaster, time is essential, and you must take action immediately. A person may become overwhelmed in a moment of crisis and freeze up when they should be acting quickly. Organizations that are likely to be affected by natural disasters should prioritize preparing their employees to respond to natural disasters such as hurricanes or power outages.

Importance of Earthquake Awareness

Earthquakes can cause significant disruption for businesses and their employees. Employees who are knowledgeable and prepared for earthquakes are safer and less likely to become seriously injured. Companies that establish an emergency preparedness plan are more likely to recover from the aftermath of an earthquake. Contact Agility today to strengthen your resilience against earthquakes and other disasters.

In the last few years, the threat of cyberattacks has grown exponentially, and it’s continuing into the new year, threatening cybersecurity measures. By September of 2021, the total number of attacks exceeded all of 2020 . Unfortunately, there’s no sign of slowing down, especially if businesses remain content with the way things are. However, you can break that cycle with the right tools and knowledge. Let’s talk about some cybersecurity trends to watch in 2022 and how you can keep your business safe.

Cybersecurity Trends To Look Out for in 2022

Small businesses are such a large target for cyberthreats because they are in the “sweet spot” for potential attackers. Large companies like Apple or Facebook have major prizes to steal, but their systems are too strong for an average hacker to infiltrate. Conversely, someone’s personal computer may be easy to infiltrate, but it won’t have a big enough prize for the attacker. That puts small businesses without a robust cybersecurity plan in the perfect zone for attackers, which is why preparation is so necessary. Here’s what you need to watch out for this year.

Phishing Scams Will Become More Sophisticated

You probably trust your employees not to send your company’s data to a Nigerian prince who’s strapped for cash, but times have changed. Sure, we all see those social engineering scams in our junk folder and think to ourselves, “Who falls for this?” However, phishing scams are becoming difficult to detect with the rise of deep-fake technology in 2020 through 2021. Scammers are learning to use this technology to replicate staff email addresses, voices, profile pictures, video chats, and more. Unfortunately, this allows them to do far more damage to a company.

Ransomware Attacks Will Continue to Evolve

Ransomware as a service (RaaS) is an evolving tool that is becoming a real thorn in the side of small businesses. Essentially, hackers use this software to cripple your data and only release it upon payment, often exceeding six figures. Unfortunately, this technology is only expanding as we speak. Once it’s in your network, there’s little you can do about it.

Coverage of Unstructured Data Will Expand

Currently, most data is considered unstructured, although most data warehouses are only equipped to cover structured data. Because unstructured data is so widely available for attackers, many of them have become more willing to sort through stacks of it to find the needle in the haystack. Consequently, safe data storage will need to expand to include coverage for unstructured data, which is already happening.

Safe Cloud Storage and File Sharing Will Become More Available

More and more, small businesses are getting the picture. They are adopting safe cloud storage and remote file sharing at record rates in response to the rise of cyber threats and remote work. If you have remote staff, then cloud storage, safe file sharing, and a virtual private network (VPN) should play a significant role in the new year for you and your staff.

What You Can Do to Protect Your Business

Your business needs to be prepared to prevent a wannabe attacker from infiltrating your system and what to do if they are successful. Generally speaking, it takes the average company over 191 days (over half a year) to notice a breach. Imagine how much damage can be done in that time.

Staff Training

Training your employees is the only way to protect against phishing scams. You can have all the security in the world, but if somebody with access to your company’s data is convinced to give it up, it will tank your business. Consequently, training your staff to identify suspicious behavior and report it to the proper authorities is the only way to protect your business from these scams.

Staff Protocols

Part of training your staff should involve teaching them the right protocols, and not just for reporting suspicious activity. There should be strict protocols for secure file sharing, what information needs to be sent through which outlet, and following up with people in person. Unfortunately, there’s no concrete way to prevent staff members from sharing a file if they believe that the email they received was from their supervisor, coworker, or someone who should have access to these files. As a result, staff should be trained to double-check or follow up in person when sharing essential data.

Disaster Relief Plan

Resilience is key to cybersecurity. Again, you can’t prevent everything. However, the average cyberattack costs businesses over $200,000, which generally leads to them shutting down. Having a plan in place to notice and isolate a breach, stop the damage, and allow for business continuity is critical to the survival of your business in this age.

Cybersecurity Services

Only a few small businesses can afford to hire an in-house cybersecurity team, which isn’t always necessary. Conversely, most small businesses can afford to hire outsourced cybersecurity solutions, which can save their business. In 2022, the best investment you can make is to protect your most valuable data with a reliable data backup and recovery solution.

Keep Your Data Safe

Now that you know some of the most pressing cybersecurity trends of the new year, you can keep your business safe for the long haul. The sooner you invest in your data’s security, the less time you will spend at risk of attack. Stay up to date with our latest business continuity tips, and contact us with any questions.

Today’s hospitals and other medical facilities face unprecedented challenges when responding to and recovering from critical events. These not only include the ongoing COVID-19 pandemic and frequent natural disasters but also dangerous and oftentimes costly cyberattacks. According to ASPR-TRACIE , which strives to fill gaps in healthcare system preparedness capabilities by sharing information and promising practices during planning efforts, recent cyberattacks on healthcare facilities have had significant effects on every aspect of patient care and organizational continuity. “Cyberattacks,” says ASPR-TRACIE, “highlight the need for healthcare organizations of all sizes and types to implement cybersecurity best practices and conduct robust planning and exercising for cyber incident response and consequence management.” Enter the requirement for medical facilities to have a well-developed, fully tested, and always-actionable Emergency Operations Plan, or EOP.  EOPs, as required by The Joint Commission , take an “all-hazards” approach to critical events varying in scale, duration, and cause. Accordingly, such plans encompass six crucial elements within the Joint Commission’s Emergency Management Standards. These include: – Communications – Resources and Assets – Safety and Security – Staff Responsibilities – Utilities – Clinical Support Activities With each of these key areas addressed in an EOP, healthcare facilities are better prepared to address all types of emergencies, including cyberattacks. And that’s a very good thing given such malicious activity is steadily on the rise (some believe as much as 55% from 2019 to 2020 and at a cost of $21 billion alone in 2020). Unfortunately, experts agree that pandemic modifications, such as telemedicine and remote work, will only continue to make matters worse. That said, if it’s been a while since your hospital or medical facility reviewed its EOP, or even considered the possibility of a cyberattack, now may be the time to do so. We encourage you to think outside the proverbial box of emergency operations planning and to involve multiple departments, especially IT, in your preparedness efforts. Doing so will help protect patient data, your organization’s quality of care, and even its reputation and the bottom line.

This year, we’ve seen what feels like countless unprecedented weather events: an ice storm in Texas, heat domes in the Pacific Northwest, wildfires across the country, and a few weeks ago, a major hurricane that decimated states from Louisiana to New York, with additional storms threatening the Gulf Coast yet again this week. In the 1980s, there were fewer than four billion-dollar weather-related disasters each year; in the last five years, the average increased to 16.2, increasing at a fourfold rate. In 2020 alone, there were 22 billion-dollar events, costing $95 billion – the fourth-highest costs on record. Hurricanes, heavy rainfall, and heat waves are likely to continue increasing in the years to come, spurring additional weather-related disasters like flooding, droughts, and wildfires. At Agility, our mission is to help businesses be prepared before, during, and after an incident, so that they can remain in operation and continue serving their communities. We’ve been doing this work for more than 30 years during disasters ranging from the 9/11 attacks to Hurricane Ida. Before any major weather-related event, we supply customers who may be affected with resources, information about the event, and details on how to enlist our support. We remain in close communication with our partners and vendors to ensure the availability of resources and accurate deployment times for our customers. The past few weeks, the Agility Recovery Services team has been helping our community cope with recent disasters and business interruptions. The team responded to organizations activating their coverage as a result of Tropical Storm Henri, and within days, turned around to aid in recovery from Hurricane Ida. We assisted with more than 60 customer locations in the region, restoring power to 50 locations, and are currently working closely with another 70 customer locations in case they need to bring in additional resources. While in the field for Ida recoveries, we were able to put to work our latest mobile productivity pack, ReadyTechGo , when several customers relied on it for their internet connection and power; for some, the ReadyTechGo pack was their only means of communication. Through the years and currently during an active storm season, our operations team supports our customers and communities with around-the-clock coverage. We set up satellite dishes and maintain satellite communications due to poor infrastructure stability; deliver fuel, generators, electrical connections, and locksmiths; even bring in blankets, food, and water; and deploy mobile offices and banking centers. The collective effort across all of Agility’s teams for an event of this magnitude has never been stronger. As we continue seeing these major weather-related disasters occur with increasing frequency in the recent and coming years, Agility will continue its mission of serving our customers and their communities through times of need. If you’ve been meaning to revisit your business continuity and disaster recovery program, now is a good time to make sure your business is well prepared. We are currently doing complimentary high-level plan reviews and scheduling tests into 2022. Feel free to email or call 866-364-9696 to schedule your review today. Jon Bahl, CEO, Agility Recovery

Jon Bahl Agility Recovery

Remote work or working from anywhere (WFA) has become increasingly popular in recent years. The coronavirus pandemic has forced many organizations to implement work-from-anywhere or work-from-home programs as a public health measure. To get the best out of implementing a WFA program, you need to do it right. This article looks at some of the challenges organizations face about WFA and what steps they can take to implement WFA effectively.

Work From Anywhere Can Strain the Company

Research suggests that allowing employees to work from anywhere enables companies to attract top talent, enhance morale, and save money. However, there are several cases where WFA can strain the company’s operational efficiency. Employers may fail to provide remote workers with the resources and training they need to be productive as they work from anywhere. Likewise, supervisors may lack adequate training on how to manage remote workers. Remote workers may not know how to set up a video call. Or they may not know the best way to indicate that they should not be disturbed because they are in a meeting. In many cases, employers yield to their workers’ demand to work from anywhere, only to later discontinue the remote work option when productivity takes a severe hit because employees and managers lack training and resources.

Power Backup Requirements

One of the biggest challenges remote workers can face is power outages. When your remote workers experience a power outage, all they have to rely on is their computer’s battery life; on average, laptop batteries last only about 4 hours. Events such as a downed powerline or severe weather conditions may cause power outages that may last hours or even days. You need to equip your remote workers with backup power solutions to prevent power outages from severely disrupting your operations. These options include:

  • A gasoline-powered emergency generator for the entire home
  • A UPS battery backup for the router, desktop computer, and other remote worker accessories
  • A portable backup power station to charge laptops and phones several times
  • A dedicated portable laptop charger
  • A smartphone power bank
  • A USB hub to transform a single port into multiple outlets for smartphones, USB sticks, webcam, microphones, and more

Providing your remote workers with one or more of these backup power solutions keeps their workspaces operational during power failures.

Cellular and Wi-Fi Access

Cellular and internet connectivity are essential to working from anywhere. Connectivity is one of the top concerns of remote employees as the reliability of their connection directly impacts their ability to collaborate with their colleagues effectively. You need to ensure your remote workers have a fast, reliable internet connection, even if their home internet goes down. Another important connectivity issue you need to address is cybersecurity. A WFA program increases the cybersecurity threats your business faces, so you need to implement measures to ensure they can work flexibly and autonomously without compromising your company’s security. Nurture an organizational culture in the attitudes and behaviors of your remote workers to minimize the company’s exposure to cybersecurity risks. Train your employees to prevent and respond to common cyberattacks such as phishing and malware. Keep your security policies up to date. Numerous apps have emerged to facilitate WFA. However, the use of insecure apps presents a significant cybersecurity risk. Ensure your remote workers use only approved apps and implement a patch policy that all approved apps are up to date across devices. Consider using a cloud access security broker (CASB) to execute your security policy. WFA means that devices will access your network remotely. Encourage your remote workers always to lock their screens when they leave their devices unattended, especially in public places. Ensure their devices are appropriately configured to encrypt data while in rest mode.

Durable, Waterproof, Lightweight Hardware and Accessories

Most employees who are new to working from anywhere don’t have well-equipped home offices. Besides backup power and fast, reliable, and secure connectivity, your remote workers need various hardware to achieve sustainable productivity. Here are a few other things they may need.

  • Hotspots
  • External battery backups
  • Furniture
  • Computer monitors
  • Monitor mounts
  • Laptop stands
  • AC adapters
  • USB cables and adapters
  • Computer speakers
  • Headphones
  • Microphones and webcams

A suitable desk is essential to a remote workplace. Standing desks, in particular, have become popular as they offer the health benefits of limiting the number of hours spent sitting. Your remote employees also need a durable, ergonomic chair to accompany the desk. Other accessories such as monitors and monitor mounts may become necessary, especially for employees who do work that requires sizable screen space. When an employee shifts from working in the office to remote work, it may be necessary to meet to determine all the resources they’ll need to operate at peak performance.

Remote Access and Tech Support

Your employees who work from anywhere must be able to access the data and content they need quickly. Numerous technologies are available to help your remote workers log into your company network from their devices away from the office. For example, many organizations rely on desktop-as-a-service (DaaS) to deliver company desktops to employees using internet-enabled devices. Instead of using DaaS solutions, you may prefer to use a solution that provides single virtual applications, session-based desktops, or published applications. You need fast, reliable connectivity for whichever type of solution you choose.

Careful Planning and Investment

As you can see from the sections above, a lot goes into successfully implementing a work from anywhere program in which some, or all, of your employees work remotely. It requires careful planning and investment to ensure your remote workers have all the training and resources they need to be as productive away from the office as they were when in the office. Agility ReadyTechGo is the solution for the new work-from-anywhere world, combining cellular connectivity, one-touch Wi-Fi setup, live support, and power. Contact us to get started today.

Our recent Business Resilience & Insights Report delves into some of the top trends in the business continuity landscape. The first half of 2021 saw significant cyberattacks shut down companies, raising cybersecurity to one of the most critical aspects of business continuity to focus on as we move forward.

National Security Council Guidance

Following back-to-back ransomware attacks in the U.S. in May 2021, the head of cyber and emerging technology at the National Security Council, Anne Neuberger, wrote a letter to private sector companies on June 3rd urging leaders to review their cybersecurity posture as a significant risk to business operations and resilience.

All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location. We urge you to take ransomware crime seriously and ensure your corporate cyber defense match the threat. To understand your risk, business executives should immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.
Anne Neuberger, National Security Council

The letter outlined immediate steps companies can take to protect themselves from ransomware attacks , including best practices such as multifactor authentication, endpoint detection and response, encryption, and a skilled security team. In addition, companies should back up data and regularly test systems, as well as update and patch systems promptly. Neuberger also advised that companies test incident response plans and use a third party to test the security team’s work.

Top Challenges to Cybersecurity Programs

Leadership buy-in

Many organizations operate reactively rather than proactively when it comes to cybersecurity. They may not invest in prevention until the first major breach occurs. Additionally, robust cybersecurity can carry a high price tag, though the cost to your company’s bottom line and reputation will likely be far higher in the event of a breach.

Outdated systems

According to IBM , many organizations’ existing infrastructure “may not allow for easy recovery because they were not designed to be resilient against destructive cyberattacks.” Cyberattacks are constantly evolving, and what worked one year to prevent an attack likely won’t work the next.

Skill shortages

There is a severe shortage of skilled cybersecurity workers. According to the 2020 Cybersecurity Workforce , there is a shortage of about 3 million qualified workers, affecting 64% of organizations. When a cyberattack hits, that means more than half of organizations may be unprepared to respond to or prevent it.

Shifting to the cloud

Especially as a result of the pandemic, many companies had to take both internal and external operations online , exposing vulnerabilities easily exploited by hackers.

10 Steps Businesses Can Take

Here are ten steps provided by ISACA that businesses can take to be better prepared for and help prevent ransomware attacks.

  1. 1. Understand risk profiles
  2. 2. Realize data responsibilities
  3. 3. Test for incoming phishing attacks
  4. 4. Assess all cybersecurity roles on a regular, event-controlled basis
  5. 5. Evaluate patches on a timely basis
  6. 6. Perform regular policy reviews
  7. 7. Leverage threat intelligence appropriately
  8. 8. Protect end-user devices
  9. 9. Communicate clearly with executive leadership and employees
  10. 10. Comprehend organizational cybermaturity

Protect Your Business

Assembling an incident response team with cybersecurity training, educating employees, and performing emergency plan testing can significantly reduce the risk and cost of a data breach. These aspects are part of a holistic business continuity strategy and should be part of your business continuity plan to maintain operations for years to come.