As from the 22nd February 2018, all organisations in Australia that are regulated by the Privacy act 1988 are subject to the requirements of the act covering a data breach. An organisation is required to notify any individuals likely to be at risk of ‘serious harm” because of a data breach, together with the Privacy Commissioner.
In understanding an organisations requirement it is highly recommended that an organisation seeks legal advice and guidance from the Australian Government Office of the Australian Information Commissioner website
Which data breaches require notification?
The criteria is based around the term “likely to cause serious harm.” A breach occurs when personal information is held by an organisation is lost or subjected to unauthorised access or disclosure.
- A device that is lost or stolen and contains customers personal information
- The hacking of your databases that contain personal information
- Where personal information is supplied mistakenly provide to the wrong person
Organisations covered by the Act?
If your organisation turns over 3 million then you have obligations under this act. This threshold applies to all types of organisations including Not for profit.
Note there are exceptions to the 3 million criteria and an organisation needs to seek advice as to whether they are coved by the act. If you do not turn over 3 million it does not mean you’re exempt as The Office of the Australian Information Commissioner website highlights some of the following exceptions to the 3 million threshold:
- Entities that provide health services
- Entities that trade in personal information
- Credit reporting bodies
- Employee associations registered under fair work
The above list is not exhaustive.
Assessing a data breach
- If an entity has reasonable grounds to believe that it hasexperienced an eligible data breach, it must promptly notify individuals and the Commissioner about the breach, unless an exception applies
- In contrast, if an entity suspects that it mayhave experienced an eligible data breach, it must quickly assess the situation to decide whether or not there has been an eligible data breach
- An assessment must be reasonable and expeditious, and entities may develop their own procedures for assessing a suspected data breach.
For example, misplacing a computer or a USB stick that contains personal information where the device can be recovered by a third party would almost certainly be an eligible data breach. (source www.rk.com.au/insights/australias -new-data-breach-notification-law-what-does-it-mean-for-you/)
What are the 4 key steps if data breach occurs?
They following information is sourced from the Office Australian information Commissioner website
Contain the data breach to prevent any further compromise of personal information
Assess gather the facts and evaluating the risks including potential harm to affected individuals and where possible taking remediate any risk of harm
Notify the individuals and the commissioner as required by the act.
Review the incident identify and consider the actions that can be taken to prevent future breaches.
Do you need a response plan?
In short it is good business practice for an organisation to have a response plan. The plan is a framework that sets out the roles and responsibilities involved in managing a data breach. It also outlines in a descriptive format of the steps an entity will take if a data breach occurs.
Your data breach response plan should be in writing to ensure that your staff clearly understand what needs to happen in the event of a data breach. It is also important for staff to be aware of where they can access the data breach response plan on short notice.
You will need to regularly review and test your plan to make sure it is up to date and that your staff know what actions they are expected to take. You can test your plan by, for example, responding to a hypothetical data breach and reviewing how your response could be made more effective.
A checklist of what the plan should cover
Use this list to check whether your response plan addresses relevant issues.
This is a complex and confusing area of the law and all businesses should read widely and seek advice from the appropriate qualified personnel your legal representative.
Where does Compute Troubleshooters help you? We offer a range of services that are aimed at minimizing the risk associated with your organisation being impacted by a data breach. For more information contact your local Computer Troubleshooter on 1300 28 28 78.
Today’s business environment continues to move to the cloud and the associated cloud applications which entail a monthly subscription fee. Included in this trend is the continuing evolution of products and services with an increase in vendors and providers using a bundled approach that adds increased applications.
What happens in this situation is that often product and service names feed off each other. In the case of Microsoft 365, it is basically an extension and an increased bundle offering on the baseline product of Office 365.
I already thought I was using Microsoft 365?
Because the names are so similar and the fact that Office 365 is included in Microsoft 365, it is easy to see why businesses may think they have Microsoft 365 when in fact they only have Office 365.
Office 365 is a cloud-based suite of productivity tools including Outlook, Word, Excel, PowerPoint and other applications based on whether you have purchased the Essentials, Business or Enterprise packages.
Microsoft 365 is Office 365 plus Windows 10 Enterprise, Enterprise Mobility and Security. Microsoft 365 includes a simplified device deployment and user set up console.
How is Microsoft 365 paid for?
Both Microsoft 365 and Office are paid for by a monthly subscription fee. The fee payable depends on the number of users and the package level purchased.
If you are not certain which package you should buy, it is recommended that you seek assistance from your local Computer Troubleshooter who can, when talking to you, assess your needs and be able to determine which package you need to meet your specific circumstances.
Why Microsoft 365 over Office 365?
The key difference is that Microsoft 365 delivers an integrated platform that incorporates the office 365 productivity applications with the security of Windows 10. No more managing separate licenses and ensuring all your hardware has the latest versions.
Microsoft 365 has been built with small business in mind and the subscription-based model is very cost effective. A business owner can focus on their business while having the peace of mind that their data is protected, employees can collaborate, and communicate effectively anywhere on any device. This enables the business to grow without technology roadblocks.
Key benefits are:
If you are already using all the separate pieces then switching is an easy yes as it will be more cost effective, less time consuming and less expensive to manage.
Enhanced productivity of your team. By implementing Microsoft 365 they can more effectively collaborate with each other. Users can work on a variety of devices and they can be anywhere when working. The inclusion of Skype for Business can also mean you can still have meetings no matter where people are. This delivers enormous cost savings to a business in both physical costs and in minimizing the downtime of employees through travel.
What is the best way to implement a switch?
Nothing is as simple as flicking a switch, all products and services have a variety of setup and implementation requirements. It is highly recommended that to ensure the quickest and most effective change over that you look at working with an established Microsoft partner such as your local Computer Troubleshooter who backs their work with a 100% guarantee.
It is highly recommended that you look at incorporating ongoing support from your local Computer Troubleshooter through one of the many support plans provided. Remember that with continual issues around security you need to ensure that all your policies related to passwords, user access, and email access are current and being proactively looked after.
50% of the global workforce will no longer be linked to a physical desk by 2020. Employees will work from various places and require the ability to communicate, collaborate and access vital information from a range of devices with maximum security.
59% of employees expect that their employers will provide them with the state of the art technology and tools of the trade when looking to move to a new role. Small to medium Businesses can lead the way by ensuring they are providing their employees with tools such as Microsoft 365 or Office 365.
To make certain you are taking advantage of these local technologies call your local Computer Troubleshooter on 1300 28 28 78 for a chat about your challenges and needs.
According to the Australian Cybercrime Online Reporting Network, a snapshot for the period ending 31 March 2018, showed that the top three cybercrimes reported have not changed in the past 12 months. The three top cybercrimes are Scams 51%, Purchase scams, 22% and 7% cyberbullying.
The biggest age bracket that falls victim to cyber-crime has also not changed in the last 12 months. The age bracket most susceptible being, the 20-40-year-old age bracket with email, social networking and website advertising, as the three top targets of cybercriminals.
For the residential non-business person, it is important to continue to think of Mobile devices as mini computers. Mobile device users must use a password, be aware when using Wi-Fi networks and ensure that they log out at the end of a session. Spam filters and a reputable Anti-virus solution needs to be deployed across all devices.
Other factors to consider are ensuring that you do not open unknown links or attachments that arrive in an email, protect your passwords and do not give them out under any circumstances. Remember there are a lot of people who have false identities on the internet. They are not necessarily who they say they are.
Is it any different for Small to Medium Business?
The small to medium business environment continues to face the threat of cyber-security daily. The Stay Smart Small Business guide highlights that 59% of Australian organizations have their business interrupted by a cyber breach every month. Cybercrime reports indicate that 43% of all cyber-crime targets small to medium businesses and that 80% of hacking-related data breaches involve weak or stolen passwords.
This is no comfortable environment for small to medium businesses to operate in. Reports and statistics continually show that a small to medium business needs to have the right support in place, so they can have confidence that they can minimize and mitigate the risk of cyber-crime. This is where Computer Troubleshooters are well placed to provide this assistance and guidance to a small to medium business. Computer Troubleshooters have a range of proactive subscription-based plans that target the needs of Australia’s small to medium businesses.
What’s the impact of a security breach?
A recent Telstra Security Report 2018 identified that the loss of productivity is the major impact followed by corrupted business data, loss of intellectual property, loss of reputation, loss of customers, loss of trust from customers and partners and increased stress to workers.
This is not new, but it highlights the need for businesses to adopt the approach of being alert, prepared and responsive.
What does alert, prepared and responsive mean?
Alert means that the business is aware of the importance of having a strategic and an action plan to ensure that it is minimizing and mitigating the risks to its business. It’s a constant discussion topic between the employees of the business and the owners, sharing of experiences take place. Policies are developed to minimize risk.
Prepared means undertaking steps such as developing an action plan, investing in a program of education for staff, conducting regular security audits so you’re aware of the risks, investing in software across the endpoints and network structures to minimise risks, implementation of a back-up solution, and engagement of a trusted technician to effectively support the organisation.
Responsive means that the organization has in place a proactive support plan that is provided by their trusted technology partner such as Computer Troubleshooters. Some elements that are being undertaken proactively are such things as patch management across all applications and operating systems, application whitelisting, management of administrative rights and network access, proactive policy implementation around password management, monitoring that the backup solution is working, implementation of the latest technologies and processes such as two-factor authentications.
How can Computer Troubleshooters assist you with Cybersecurity?
Start with a security audit and discussion about your business security needs. Seek information from a local expert who can guide you through the key questions you need to address for the size of your business.
Review the plan options around the Total Protection Plan, incorporated with a Microsoft Office 365 discussion, understand the backup options and finally ensure you have monitoring and at least patch management included in your plan to minimize the risk of a cybersecurity breach.
The Office Australia Information Commissioner Quarterly report identified that the biggest source of reported data breaches was caused by Human error, closely followed by malicious or criminal activities. The message is, do not forget to educate your staff.
For further assistance call your local Computer Troubleshooter by calling 1300-28 2878 or visit www.computertroubleshooters.com.au
Changing role of IT Service and Support
The role of IT Service and Support is changing with the increased reliance on technology in small to medium businesses today. It has shifted from being one of repair and fix to one of being an enabler and an advisor.
A business not adopting this approach will find that in the long term that, it will be always reactive, missing opportunities and end up with an IT infrastructure, tools and processes that are out of date and costing an arm and a leg. This can be avoided where the role of IT service and support is broadened to one of prevention and strategic advice.
How to tell, how your business approaches IT service and support?
Entering an organization and talking with the staff is a good indicator for understanding how an organization is viewing the role of IT service and support. Frustration and low confidence in being able to rely on the IT infrastructure in performing their roles will give a good guidance on the approach being taken.
If it’s letting them down they will talk amongst themselves and comments like, I just cannot complete my work efficiently thanks to the speed of the internet. Or maybe something along the lines of we missed the deadline for that customer proposal the other day thanks to the slowness of my computer will be prevalent throughout the organization.
Yes, poor morale in an organization and frustration with IT technology being able to support staff in the performance of their day to day duties is an indicator of adopting a traditional break and fix approach.
The support and service team will be focused on fixing the network that breaks constantly, performing maintenance regularly across machines are slow, do not have the latest software patches, removing tools introduced by staff that are not part of the standard operating system.
The consequence is that the discussion on IT is always about fixing issues rather than on working out how IT can add value to your business through increases in productivity, adding to the customer experience, delivering increased profitability.
How to cope with the fast evolution of technology?
Technology continues to evolve and change at a rapid pace and with this change comes the increased opportunity for small to medium businesses. Once the technology was really the domain of big business that is not the case today and for many small to medium business owners the question is how to take advantage of these technologies, so they can compete more aggressively and deliver on their promises.
This changes the nature of what a small business s looking for in terms of service and support. Not only do you want the technical knowledge, but they want an IT Service provider that can be a strategic partner by adding value to the business.
Do you have control over your Data?
It does not matter what size the business is, nearly all employees are bringing their own devices to work and using these devices within the Businesses network and infrastructure. This spells danger and means that as a business it is very hard to know what devices are being used to access company data.
Without a proactive support plan where you have a provider monitoring and implementing and activating policies that protect your organization from unauthorized access then you are increasing the risk of data loss and the associated impact.
Who maintains and controls the access to your systems when an employee leaves?
The support provided to a business today is more than just fixing computers, repairing networks, and installing software. Managing the movement of people into the business and from the business is a key activity of support today this includes enabling, maintaining and removing email accounts, monitoring and enforcing the password policy across the businesses network infrastructure. All with the aim that a business can act with confidence that their data is safe and secure.
What are the support and services solutions for a business today?
Each Business will have their own needs and views so there is no one solution that fits all businesses. In some instances, it is better for a small business to take small steps in transitioning to a more proactive approach. This enables them to gain confidence with a more proactive approach and monitor the impact on the business before fully committing to a fully-fledged managed services model.
Approach 1 – Purchase a block of Hours
This is where the customer commits to pre-purchase a block of support hours from a Computer troubleshooter and when these hours have consumed another block of hours is purchased. Because you are paying upfront the hourly rate is likely to be at a better value than if just a normal break-fix hourly rate.
At Computer Troubleshooters the services provided for that block of hours will be defined for you what is not covered. You will be able to discuss add-ons for the services not covered.
Approach 2 – A subscription plan
This is where the customer decided to pay a monthly fee for a range of services provided by the IT Service Business. This in effect is a Managed Services solution.
At Computer Troubleshooters we offer a range of subscription plans covering various aspects of your situation. For instance, we have a Total Protection Plan that is focused on ensuring you have an anti-virus solution, some backup and a little bit of system maintenance. Your plan might be focused around Microsoft office 365, hosted email, password management and user access.
You may be looking for a much broader plan which covers a lot more monitoring and maintenance activities supported by IT strategy reviews which are known as our BEST managed services plan.
For further information Call 1300-28-28 78 or www.computertroubleshooters.com.au
Voice communications over the Internet Protocol (VOIP) delivers a range of benefits to businesses when looking at the challenge of Business communications. The key benefits that have driven the growth of VOIP are cost-savings, efficiency flexibility, and scalability.
Francisco Soliano JR Managing Director of Computer Troubleshooters East Perth sees “the biggest factor for clients in deciding to implement a VOIP system is cost-effectiveness and the speed with which a system can be deployed minimizing disruption to the business.”
A solution for communication needs to cover smartphones, landline communications and video conferencing, hence the term Unified Communications is often used when discussing a solution.
What are some of the trends impacting communications?
The introduction of modern technologies continually changes the way society acts, expectations and behavior. Think how the introduction of email has disrupted traditional mail, the introduction of the mobile phone and wireless technologies have all impacted on the way we communicate and act.
Some of these changes are:
- The need to be constantly and immediately available, when we call somebody we expect an immediate response. Expectations are you can be reached anytime, anyplace from anywhere.
- Technology is constantly developing and becoming increasingly available at a value that most businesses can afford. What this means is that more and more functionality and sophistication is available to smaller and medium-sized businesses.
- The cloud enables people to be able to access their data (work-related files) and applications wherever they are. This increases productivity and flexibility within organizations it also allows organizations to unify all their hardware and software.
- The usage of chat and messaging tools is becoming more prominent in businesses. These tools are underpinning how organizations think of the customer experience with the aim to be more customer focused. What is important though that these tools become integrated as part of the communication systems and the data is kept for reference. Quicker and easier than email means less time spent on communications equals an increase in productivity
- Voicemail is not quick enough and often you repeat yourself when the person calls you back. In a lot of cases, they have not even listened to the message. Repeating yourself. Often this is where messaging somebody can be more effective.
- Communication capabilities can be integrated rather than having disparate solutions. If it’s integrated using a simple package, then you can move seamlessly from application to another without loss of time.
- The price and capability of the technology continue to come down meaning it is a viable option no matter what your business size is.
- Improved quality of picture and audio when undertaking virtual conferencing means that more and more meetings across all areas of a business operation are being held. This delivers real and significant savings to an organization in today’s competitive landscape.
What does this mean for a business today?
It means that if you have not at least assessed the area of VOIP and Unified communications then you may be limiting the capacity and viability of your business to compete against your competitors.
The starting point is to have a discussion with your IT provider about Unified communications and understand what your options are. One consideration in the discussion is the whole issue of security of your networks. Why? Because if using a VoIP then the solution sends the calls through the same path your network used for internet and other traffic. This naturally increases risk hence the conversation needs to cover security.
How can Computer Troubleshooters assist?
The local computer troubleshooter can consult with you about your requirements and then assist you in selecting a provider and then assist in the changeover. Computer Troubleshooters East Perth Managing Director Francisco Soliano Jr recommends the Fonality solution because of the ease and speed of deploying the Fonality system. Effectively the handsets are pre-configured and in effect, it’s a plug and play system. The costs are clear and the flat fee model of Fonality makes it easy to understand the costs and the returns.
Call 1300 28 28 78 to locate your nearest Computer Troubleshooter for a discussion on your needs.
Virtually every day, Computer Troubleshooter’s engineers receive an inquiry from small business clients and residential customers asking for assistance with recovering data files. By the time they call, panic has set in as they fear that they have lost their valuable information. The client is often willing to do anything to recover the file and the valuable information contained in the file.
In today’s environment clients are constantly storing data in digital format using a variety of devices. The risk of human error is ever increasing, and it is a known fact that over a quarter of data recovery requests are a result of human error.
Customers are often relieved when they hear that accidentally deleted files have the greatest chance of being successfully recovered. It is still a complicated process and often involves using data recovery software to achieve the recovery. Data recovery software is required to examine the storage of the computer to find the remnants of the deleted data files and then extract them back into a recognizable form.
Computer Troubleshooters recommend that if the information is valuable then you should have a data backup solution in place. This applies to residential clients as much as business clients. Key elements of this solution today are to include a cloud storage element enabling you to recover files quickly and efficiently. Computer Troubleshooters also recommend that the solution needs to include regular maintenance checks confirming that your data has indeed been backed up. Look at our affordable monthly subscription plans.
What to do if you accidentally delete a file?
Don’t Panic – we recommend that you keep the computer turned on, and all applications open while you investigate the simple solutions below:
- Deleted Items– if an email, check the deleted items folder (it is generally near your inbox) this holds all deleted emails until you close your email application. If you can see your deleted file in the deleted items folder just click & drag across back into your inbox. File restored.
- Recycle Bin– if the file deleted was a document or image file, check the recycle bin, which has an icon that is generally found on your desktop, click on the icon, it will show you deleted files that are awaiting permanent deletion (generally these are deleted when the computer powers off), just click and drag back to your desktop.
- AutoSave–applications such as word and excel have an Autosave function that can sometimes save an automated version copy. Within the application click on the top left Office button which will show a menu that includes an item such as Word Options & Save Options, this will generally show the autosave settings and the file location of the autosave directory. You can then go to the indicated location and recover the deleted file (this may vary depending on which version of Office is installed).
- File Search– Use the Microsoft Search function located in the Start Button (on the bottom left) to try to find your file as you may have saved into the wrong directory or you may find an older version.
If you tried these simple solutions with no luck, then it may be time to get serious,
- Restore Backup Files– if you have a backup in place you should be able to restore the file back on to your main computer hard drive. Of course, it will only be a version available from the last time you backed up. It will depend on where and what software you are using for your backup as to how this needs to be done.
- Software Retrieval – this will mean you need to consult a professional to use data recovery software to interrogate your drive, find, & restore your deleted files. Do not run any disk cleanup or defragmentation tools in the interim as these will overwrite drives which may contain your deleted files. Call your local Computer Troubleshooters for this professional service.
- No file found – of course, we do find times when even we can’t retrieve an accidentally deleted file, that’s when we call in our data recovery partners. Our data recovery partners have specialist equipment, software and use dedicated data recovery technicians to extract hidden data.
After completing the above procedures you may have recovered your deleted files. Of course, being proactive about protecting your data is always the best protection. Back up regularly whether it’s for your business or your personal data. Denial is not a river in Egypt.
Even with a tested and reliable backup system, sometimes unexpected accidents can still happen. 74% of data recovery involves physical damage or corruption which can happen to all data storage devices including hard drives, cell phones, and memory sticks.
For the more sophisticated problems we can use our Data Recovery Partner for the following specialized data recovery services:
- Hard Drive Recovery: Hard drives are becoming increasingly less common in laptops. External storage devices are in greater use but are at greater risk of being dropped, damaged and compromising your data.
- SmartPhone and Flash Drives: Flash drives are no moving drives problems such as deleted files, corrupted partitions, file system damage and physically damaged devices can be remedied by their recovery experts.
- Notebooks, Tablets, Digital Cameras and MP3 Players: recovery services for Notebook PCs and Tablets. Damaged image or audio files can also be recovered.
Computer Troubleshooters is Here to Protect You and Your Data
If you have accidentally deleted files; don’t panic, if approached logically the deleted files can generally be retrieved.
If you need for help recovering a deleted file, or more serious data recovery services, or assistance in establishing solution call Computer Troubleshooters and one of our technology professionals can help you.