When Does Moving Away From The Cloud Make Sense?

by Felicien | Mar 11, 2019 | Education

In 2018, Dropbox announced it was shifting away from cloud-based services in favor of managing some of its data storage and application hosting itself. The company noted that while Amazon Web Services (AWS) initially allowed Dropbox to delay the purchase and maintenance of its own infrastructure, there were limitations and obstacles that prompted the switch.
In its IPO filing, Dropbox noted that the company has no operational control or access to the AWS or other cloud facilities that host its content. If there were to be an issue with that data, Dropbox, which hosts information for its customers worldwide, would have little control of the situation.
Why is it that Dropbox and other companies are moving away from the cloud, which is touted as a service that alleviates the burden of monitoring, maintenance and upgrading what’s stored there? Are there times when it makes more sense to move away from the public cloud?
How Many Companies Are Moving Out of the Public Cloud?
In 2018, IDC reported that 81 percent of companies surveyed reported migrating applications or data that had been stored in the public cloud to a different environment, including a private cloud host, a hybrid cloud and local solution or a complete on-premises infrastructure. The companies that repatriated data and apps reported doing so the following solutions:

Hosted private cloud (41 percent)
On-premises private cloud (38 percent)
On-premises non-cloud (22 percent)

The survey also reported that 85 percent planned to migrate services in 2019.
Why? The most-cited reasons were:

Security (19 percent)
Performance (14 percent)
Cost (12 percent)
Control (12 percent)
Desire to centralize or reduce shadow IT (11 percent)

What’s Behind the Cloud Repatriation Push?
Munish Manrao of Belmont, California-based ePC Solutions noted that there can be many factors that influence a decision to move to the cloud or move back.
“Every IT decision should be based on a combination of factors: security, cost, compliance, stability, productivity, and compatibility,” Manrao said. “In some instances, a company may move an application to the cloud and then decide to pull that application out of the cloud and return it to an on-premises data center. Although this can be disruptive, any one or more of the reasons listed above could be the determining factor.”
Jason Simons of Houston IT solutions company, ICS, agreed, noting that control, performance and regulatory mandates are often the key factors to move away from the public cloud. He cited specific issues that may prompt, or force, the decision for businesses:

Poor performance of the application once it was virtualized in the cloud
A desire for ultimate control of the software or data, including upgrade management, outage scheduling and access management. Because the public cloud is a shared resource, there are often limitations and restrictions on what a company can do and when.
Concerns about regulation. If a company finds out that its cloud provider is no longer certified to meet the security standards of regulatory agencies, the business is responsible. Companies take on great financial risk for non-compliance.
The wrong provider. Companies may choose a smaller provider initially that cannot meet their business needs. Instead of moving to a larger provider, some businesses prefer to bring apps and data back in-house.

Speed is a frequent reason for moving away from the public cloud.
“Businesses that rely on public cloud servers often run into trouble if local bandwidth is unreliable, or if internet access is lost resulting in downtime or data loss,” noted Andrew Schira with Oklahoma City IT service provider, Easton Technology.
Another is the cost.
“On-premise servers are generally a one-time purchase,” Schira continued. “Moving applications can reduce operating costs and result in improved security.”
Those insights echo the reasons cited in an IDC survey of multi-cloud infrastructure among European businesses. The top data-management priorities were:

Managing and controlling cost (42 percent)
Regulatory compliance (34 percent)
Provisioning and management capabilities (32 percent)
Data portability and workload seamlessness (32 percent)
Retrieving data if a provider goes out of business (27 percent)

Over the next 12-18 months, 49 percent of those businesses listed data protection, including backup and recovery, replication archiving and business continuity, as a key data challenge. Another 43 percent cited security and compliance.
What Applications Are Most Likely to Move Away from the Public Cloud?
Manrao noted that there are certain applications that are prime suspects for repatriation if they have one of the following characteristics:

Database applications that require high I/O speeds (the rate at which data is transferred between the hard disk drive and RAM)
Graphics-intensive applications
Applications that should be accessed outside the network
Applications that are not cost-effective to host
Applications that are necessary to control local access
Applications that cannot be dependent on ISP speeds

“Applications that are candidates for repatriation to a business’s on-premise servers are mature, highly integrated, mission-critical applications where concerns about exponential growth are not an issue,” Schira said.
Regulatory concerns are a growing concern, too. Companies face complex and mounting data management requirements due to the passage of GDPR for European Union residents, growing U.S. state-specific privacy mandates, and the continuing presence of requirements for HIPAA, PCI and other legislative obligations.
What Are the Benefits to Rolling Back from the Public Cloud?
Companies that switch from the public cloud will see many benefits, including:

No risk of providers changing terms or costs
No threat of potential deletion of data by a provider with little or no warning
One-time server expenses
Full company control of its own data, including its use and its storage

How Can I Prepare for a Switch?
Manrao recommends that whenever an application is moved to the cloud, there should be a roll-back procedure in place. Companies should keep their local infrastructure in place for a while in case the decision is made to roll back the application to internal hosting.
These procedures should ensure the company has complete access to the database and user accounts. The cloud host should be able to export all the data in a format that’s usable to the business. These procedures also should be tested often.
And if you decide to roll back data, Simons has some advice.
“The best way to do this with minimal downtime is with proper backups and pre-planning and testing,” Simons said. The key steps are:

Pre-install the application at your facility and thoroughly test
Complete a backup or screenshot of the cloud application and load it into your on-premises version
Continue running the application on the cloud server until the backup is restored to on-site equipment
Shift users seamlessly to the on-site server
Make another backup of the changes that occurred in the cloud while doing the migration
Restore these interim changes to your on-site server

Cloud solutions continue to be valuable for many companies, especially those with small or understaffed IT staffs. However, as with many new technologies, some businesses are finding that the public cloud is not the ideal solution for their unique needs.

Learn the Power of Google Reviews for Lawyers & Law Firms

by Felicien | Mar 8, 2019 | Education

There’s no better means of promoting a professional business today than the use of online reviews. Positive third-party online reviews can take your law firm to the next level. Personal referrals and word of mouth have their place in drumming up new business, but they will never come close to the exposure you can receive through online reviews. Positive online reviews across multiple platforms and search engines could very well be the key to the success of your legal firm.
How Important are Reviews for Attorneys?
When consumers are looking for an attorney to represent their interests in a legal matter, where do they turn to first? Modern technology has made the Internet the number one source of information for just about any business inquiry consumers may have. This makes it essential for law firms to have a strong online presence in order to compete. Your online presence should include a fair amount of positive online reviews.
Positive online reviews can help establish your law firm as experts in the legal field. Studies show that in 2017 alone, over 97% of consumers turned to online reviews to help them choose a company to do business with. Approximately 85% of consumers acknowledged they trusted online reviews more than a referral from family or friends.
When it came to searching for an attorney, 75% of consumers indicated they used online resources to find the lawyer they needed. Approximately 65% of these said their decision to hire a certain attorney was influenced by online reviews. If perfect strangers can have such a major impact on people’s decision to hire an attorney, imagine the potential you have of increasing your customer base by petitioning your clients for reviews.
Effects of Online Reviews on a Law Firm
Positive online reviews can give your law firm greater standing in your local community as they reveal what fellow residents have to say about their experience with your firm. Positive reviews from former customers can put your name on the top of the list when people need an attorney to handle their legal affairs.
With so many people resorting to online reviews to help them find an attorney, it’s to your advantage to make reviews readily available to your online target audience. The more positive reviews your firm has, the greater your chances of being selected over your competition.
Naturally, you want to avoid having bad reviews posted online. But few or no reviews could be just as detrimental to your cause as it gives consumers the impression that your law firm is inexperienced in its field.
The goal is to encourage former clients to write positive reviews that make a good impression on individuals who are in the process of selecting an attorney to represent their legal interests. With so much competition among law firms today, people aren’t willing to settle for just an “ok” attorney- they want an attorney who stands out in his field. They’re even willing to travel to the next town to hire an attorney with excellent reviews.
Review Count and Scores
In a recent survey regarding the use of online reviews for hiring attorneys, 264 people out of the 316 interviewed indicated they would only hire law firms that received, on average, a 4- or 5-star rating on their reviews. This shows how much consumers value reviews in selecting a lawyer. If your firm’s rating falls short of these expectations, you could very well be losing clientele. Poor reviews obviously have a negative impact on people looking for the services of an attorney. To get top reviews, your law firm needs to provide top services to your current clientele.
Keep in mind that third-party reviews across various platforms will carry more weight than reviews placed on your website. Consumers expect you to post positive reviews on your site. Third-party reviews, however, generate greater validation and trust.
In addition to good ratings, consumers want to see a fair amount of reviews from former customers as this gives them a more accurate picture of how people view the services you provide. The combination of review count and review score influence consumers in selecting an attorney.
Where Should You Collect Reviews?
Quite frankly – everywhere you can! By collecting reviews across multiple platforms, you’ll reach a greater audience. You could also narrow your prospects to the most effective platforms, i.e. Google and Facebook, as these two sites are where the majority of people wind up when doing business searches.
Google reviews carry a lot of weight when consumers search for law firms due to the company’s reputation for providing relevant content. Google is well aware of the influence ratings have on consumers searching for an attorney online. For this reason, Google prioritizes law firms that have a substantial amount of positive reviews in their search results.
How to Increase Your Firm’s Reviews
Knowing the influence that positive reviews can have on your law firm should motivate you to solicit as many reviews as possible from former clients. If you’ve provided exceptional services to your customers, positive reviews shouldn’t be so difficult to obtain. Most consumers are happy to comply. In fact, the best time to request a review is immediately after services have been rendered, assuming your customers are happy with the services they received.
Once you start receiving reviews, take time to monitor what people are saying about your firm. This gives you a better idea of how you’re doing, from the perspective of your valued customers. Make an effort to respond to as many reviews as you can – positive and negative – to show you’re interested in what your clients have to say.
Never ask employees for reviews and never pay or offer incentives for reviews, as this goes against Google’s policy.
How to Handle Negative Reviews
When you ask for reviews, there’s always the chance of getting negative reviews along with the positive ones. Although negative reviews can lower your overall rating, they can also provide you with opportunities to see where you need to improve. A few negative reviews here and there can even make your law firm appear authentic.
By handling negative reviews in a positive manner, you can earn customers’ trust. Always make an effort to address issues brought up in negative reviews. Apologize to your client to wipe the slate clean. If you can rectify the problem, do so, even if it’s at your own expense. Your sincere efforts to make things right can convert an unhappy client into a satisfied client who will let others know what you have done.
In Summary
The success of your law firm depends on providing exemplary services to your current clients and drawing in more clients who are in need of legal help. Positive Google reviews will play a key role in accomplishing this goal.

Time To Set The Clocks Back

by Felicien | Mar 8, 2019 | Education

Daylight Saving Time for 2019 starts on Sunday, March 10th.

I’m sure you know how Daylight Saving Time (DST) works, but did you know not everyone in the US observes this time change? Arizona hasn’t observed DST since 1967, and Hawaii has never used DST. Michigan skipped DST from 1969 – 1973, while Florida is in the process of moving to keep DST year round!
Daylight Saving is a great excuse to sleep a little later this Sunday – take advantage, and don’t forget to double check your non-Internet connected timekeeping devices.

Spring Forward This Sunday

by Felicien | Mar 8, 2019 | Education

Daylight Saving Time for 2019 starts on Sunday, March 10th.
I’m sure you know how Daylight Saving Time (DST) works, but did you know not everyone in Canada observes this time change? Parts of British Columbia and Nunavut don’t observe DST, while a small part of eastern Ontario and most of Saskatchewan observes DST year round!
Daylight Saving is a great excuse to sleep a little later this Sunday – take advantage, and don’t forget to double check your non-Internet connected timekeeping devices.

Toyota Australia Hit With Data Breach

by Felicien | Mar 7, 2019 | Education

In late February 2019, Toyota Australia was hit by a major cyber attack that knocked out its online presence and email systems. For days, the automaker had its ability to connect with customers significantly compromised.
The Toyota incident is yet the latest reminder of the disastrous impact of cyber attacks and why companies of all sizes and in all industry sectors need to be vigilant. Systems, users and devices all need constant monitoring and robust security measures in place to prevent such incidents from having significant consequences.
What happened at Toyota?
On 21 February, it was reported that Toyota Australia had suffered from a cyber attack. The company issued a statement that confirmed the attack, which reports indicate Toyota first learned about the day before. The statement noted that the initial analysis showed that no private customer or employee data had been accessed.
The company’s IT teams were working with “international cybersecurity experts to get systems up and running again,” according to the statement.
Four days later, the company’s website continued to display a stark message detailing its effort to recover from the attack. The company created an emergency call centre to address inquiries from customers.
The company has reported it has “no further details about the origin of the attack.”
What impact is the disruption having on Toyota customers?
The web message made note of several important issues affecting its customers. The company reports having only “limited capabilities to respond” to customers. The Toyota VIN Checker function is down, for example.
Of more significant concern is the impact on two important recent recalls facing Toyota customers. One recall, begun in 2018, affects airbags inflators in Corolla and Avensis models. As the airbags age, high temperatures and humidity can cause the airbag to activate with an explosive force that could send metal fragments towards car passengers, leading to serious injury or death.
In December, the company also recalled 2,640 Corollas, this time to replace a transmission assembly that could detach, resulting in a loss of power.
How big a problem are cyber attacks in Australia?
Cyber attacks cost the Australian economy $1 billion annually. Here are some other statistics on the effect on Australian businesses (2017 numbers unless indicated otherwise):

516,380 small businesses were victims of a cybercrime
The average payment was $4,677 for a small- or medium-sized business to recover their data after a ransomware attack
One in four enterprises suffered 25 hours or more of downtime after being hit by a cyber attack
Only one in three small- and medium-sized businesses have continuous system backup practices in place
It cost medium-sized companies $1.9 million to recover from a cyber attack.

In the first six weeks after enacting the Notifiable Data Breaches scheme in February 2018, the Office of the Information Commissioner received 63 notifications. Those numbers have grown steadily, with 242, 245 and 262 breaches reported in the last three quarters of 2018, respectively.
Malicious or criminal attacks accounted for the largest number of data breaches reported in the fourth quarter – 64 percent of all reported incidents. Of those malicious or criminal attacks, 68 percent involved cyber incidents, including:

Phishing (43 percent)
Compromised or stolen credentials (24 percent)
Ransomware (10 percent)
Brute-force attacks (8 percent)
Hacking (8 percent)
Malware (7 percent)

A closer look at the fourth-quarter statistics gives a clearer picture of the sources of attacks, types of attacks, data affected and sectors being targeted (with percentages):
Source of attacks

Malicious or criminal attacks (64 percent)
Human error (33)
System faults (3)

Information disclosed due to human error

Personal information sent to wrong recipient-email (27.1 percent)
Unauthorised disclosure via unintended release or publication (17.6)
Loss of paperwork or data storage device (14.1)
Personal information sent to wrong recipient-mail (11.8)
Failure to use BCC when sending email (10.6)
Unauthorised disclosure-failure to redact (9.4)
Personal information sent to the wrong recipient (3.5)

Type of data affected

Contact information (85 percent)
Financial details (47)
Identity information (36)
Health information (27)
Tax file number (18)
Other sensitive information (9)

Top industries attacked

Health services (21 percent)
Finance (15)
Legal, accounting and management (9)
Private education (8)
Mining and manufacturing (5)

What companies can do to protect themselves?
The Reserve Bank of Australia warned in October 2018 that Australian businesses were vulnerable to cyber attacks and the catastrophic losses that could ensue.
The Cisco 2018 Asia Pacific Security Capabilities Benchmark study noted that Australia was most under attack of the 11 countries evaluated. The numbers are stunning. Ninety percent of Australian businesses report facing up to 5,000 threats daily. Of those companies, a third face between 100,000 and 150,000 daily attacks and 7 percent see more than 500,000 attacks per day.
What can Australian companies do? Here are some of the most critical areas of need.
Comprehensive protection
Companies need to invest in a multilayered approach to protection of hardware, software, systems, networks, access points, devices and users. As seen in the data above, the attacks can come from a deliberate attack by an outside source, but often come from simple human error.
A comprehensive approach includes sound policies, technology and awareness. Together, these tools give your business the right protection to combat attacks.
Firewalls
A next-generation firewall protects your computer network. Firewalls help detect, contain and eradicate unwanted intrusions before serious harm can come to your systems. They also can be used to inspect information sent to and from the company and block access to and from risky URLs.
Anti-virus software
To protect users from spam, phishing attempts, viruses and malware, your devices need installed software that automatically scans and quarantines suspicious emails and activity. These tools should be automatically updated in the background to ensure continuous protection from threats new and established.
Monitoring
Tools can be deployed that continuously monitor networks, devices, access and usage, using pre-established rules about what is and is not allowed. Automated monitoring tools can detect and detain threats while issuing alerts to key personnel about identified issues.
Business continuity and disaster recovery
Companies need to develop the policies and procedures that will allow for little to no interruptions should a natural disaster or cyberattack occur. These guidelines establish chains of command, protocols and roles (which may be different from typical job responsibilities) during a crisis. These plans should be tested to ensure all components work smoothly and plans should be modified as needed.
Employee awareness and training
It is important that companies invest in their employees to further an understanding of what cyber attacks are, what damage they can do and how workers can prevent them. Showing employees examples of suspicious emails, making sure they understand data privacy policies and testing their responses builds resilience and understanding.
The Toyota Australia incident will not be the last high-profile example of cyberattacks to hit businesses. But preparation can go a long way to reducing the number and impact of such attacks.