Cybersecurity & Cloud Storage

Cybersecurity threats are becoming much more prevalent to arts and cultural institutions. These man-made threats can be just as damaging to an organization as many natural disasters. Think of all of the ways your organization uses computers and collects data in its everyday operations. A cyber attack could cause problems with your ticketing systems, donor databases and correspondence, and even disrupt normal communication with colleagues in and outside of your office. It could also cause concerns for your organization's reputation if hackers deface your website or send spam e-mails, or you end up in the news after a ransomware attack.

Your organization may have computers, networks, and servers. You have important files, databases, and documents that you don’t ever want to lose, and you don't want these materials to fall into the wrong hands. While our systems might not be as high profile as those in the banking or insurance industries, because we often handle financial dealings and personal information of staff, performers, and audience members, there may be cyber criminals who are looking to target your organization. Most cyber criminals are hunting for easy targets with automated systems, and can find a way into your system unless you take some basic precautions.

It can be difficult to know what to focus on defending, since it is hard to know what cybercriminals might be targeting. Unfortunately, everything with an IP address – that is, anything on a network – may have some value to someone out there. A regular old desktop PC can be used and reused for many activities by hackers, and it can become infected with ransomware. Even a web-cam or DVR can be infected and used in a bot net. So, we need to consider making sure our hardware, software, and data are as secure as possible.

With that in mind, we are left inventorying and reviewing everything on our network and evaluating what it is worth to our organization – and what it MIGHT be worth to someone else who finds their way into it! Can they use it, sell it, or hold it for ransom? Then, we evaluate how damaging the loss of this data would be, how much work it would take to replace that data, and how much time and money it will take to make it secure.

To keep materials safer, consider backup and cloud storage. What are some of the things that should be stored in the Cloud?

  • Anything that needs to be safe from Hardware failure
  • Anything that needs to be shared with another computer user, internally or externally
  • Anything that needs to be preserved for long-term use
  • In other words, maybe just about ANYTHING!

At the very least, everything important for your operation should be backed up locally, and to a cloud service as well. Cloud service is becoming cheaper all the time, it is very worthwhile for backups.

Some of the biggest providers in the storage and backup industry are Google and Amazon Webs Services, or AWS. If your organization runs MacOS, OSX, IOS, or Apple systems, Apple has a good backup service as well. Microsoft has Office365 in this category of services. Some other well-regarded services are BackBlaze and Carbonite. All of these services have slightly different ways to back things up.

In the words of an expert in this field, “just pick one, and make sure to AUTOMATE those backups!”

Also, make sure that everyone in your organization has access to the backup services, and that your organization uses good passwords.

When considering “transitioning to the Cloud,” if you are already using Gmail, Office365, a Chromebook, or AWS, you have already transitioned to the cloud. Anything that you are not doing specifically on your local device is on the Cloud.

A final thought: developing guidance and policies for computer use, backup and security for your organization is important. And, staff and patrons should know who to call when there is a problem – do you have I.T. staff at your organization, or work with a vendor who provides good support?