Issue link: https://iconnect007.uberflip.com/i/1472190
JULY 2022 I SMT007 MAGAZINE 21 on networks of companies large and small, but that is because we can see in the digital environment in a way most manufacturers simply cannot. The hard truth for the leaders of manufactur- ing organizations—especially those that serve the DoD—is this: You might already be safe, and you might not. Take Strategy-Level Action The risk is in not knowing what you don't know. I'm not suggesting you should become a technol- ogy expert on top of what you already do—not at all. I am suggesting that your digital operations should get strategy-level attention, as in a well-thought-out business continuity or disaster recovery plan that includes protecting your data. If you and I were meeting in your office right now, I'd be asking you three key questions: 1. Where and how often is your company data backed up? 2. How would the company access and deploy the backed-up data if you needed it right now? 3. Who in your organization has access to what? How would you answer them? Not long ago, I asked these questions to a new client—a good-sized manufacturer. The leaders in the room weren't sure, so I excused myself from the meeting, called my office and had one of our tech team meet me with an external hard drive. We made immediate back-ups (snapshots) of the critical sys- tems. Now at least we could all be certain that the client had a moment-in-time back-up. Pausing the meeting sounds like theatrics, but it was not. In fact, if you answered "no" or "I don't know" to any or all of them, I suggest you stop read- ing this right now and find out. It's that important. Why? Because the future is uncertain, and acci- dents happen. To read the entire article, which appeared in the January 2022 issue of SMT007 Magazine, click here. By Divyash Patel MX2 TECHNOLOGY Editor's note: We reached out to Divyash Patel earlier this year to continue the pressing con- versations about the need to stay vigilant in keeping your data secure. Divyash pulls no punches; if you're not protecting your data, your risks can be catastrophic. Here is an excerpt from that article. Follow the link at the end to read the entire piece. Instead of looking at CMMC as yet another set of regulations, we encourage our clients to see it as a description of baseline security—similar to the way ISO sets out basic quality standards. You might be ISO certified already, without regulations telling you to be. You do it because it's a good practice, and your customers expect you to have it. CMMC is not much different. Certification will show your customer base that you have taken the steps necessary to protect their data and your own operations. The protections necessary for Level 1 certification will be all that most of you will truly need. They amount to basic risk avoidance, not that different from requiring hearing protection, safety glasses, or safe processes in your production envi- ronment. We can take potential customers on tours of the shop floor, but not the digital sub-floor, so to speak, on which operations rest. Because we can't visualize our networks, it's hard to see risks in them—until something happens. But what if we could see? Imagine your budget spread- sheets, payroll information, confidential client files, or other mission critical documents were only avail- able in hard copy. Would you keep them piled in front of an open window, stack them next to a fireplace, leave them in the hands of a disgruntled employee, or give them to someone you bumped into on the street to deliver to your customer or accountant? If you saw any of these things, you'd stop everything and make sure these key items were locked in a fireproof, water-tight safe to which only you and a few trusted staff had the combination. What I'm describing might sound ridiculous, but I assure you it is not. We see these issues regularly ARTICLE EXCERPT: Don't Hit the Snooze on Cybersecurity