Online security

Secure Your Business and Protect Your Data

/ nancyrubin / Leave a comment

Unless you’ve been living in the Arctic Circle or the International Space Station for the past few years, you can’t fail to have noticed that a lot of business, many of them very prominent, have had their data hacked and stolen in recent years.

This is, in part, due to the fact that data in itself has become big business, as has conducting one’s business online, and partly because hackers have never been more skilled than they are right now. What this means for you is, if you run a business, which stores data and which is connected in any way to the internet, you need to step up your game to secure your business and protect your data. Here are a few things that will help you with that:

Access to Excellent IT Support

If you have a good IT Support team on your side, then you’ve already won half of the battle because they will be able to look at your current IT infrastructure and practices and tell you what you’re doing right and what needs to be improved. What’s more, they’ll be able to ensure that any measures you take, are implemented correctly, so that your systems really are safe.

Brief Your Staff

Often, it is the unwise actions of an employee, such as opening an unsolicited attachment or logging onto a suspect site, that cause company networks to be hacked and infected with malware and viruses that steal data and put them at risk. That’s why, if you want to avoid having your sensitive data held to ransom of your business being forced to stop, you need to brief your employees on all the things they shouldn’t be doing (opening attachments, sharing passwords, visiting non-approved websites) that could prove disastrous.

Use Strong Passwords

It’s also important that anyone who has access to your network is compelled to use a strong password, which consists of a mix of letters, numbers, and symbols, and which is random enough that it won’t be easily guessed. They should also change these passwords on a monthly basis to avoid data breaches, and they should really not write their passwords down, where they could be found either.

Encrypt Everything

Encryption is probably the best tool you have to secure your business and protect your data. Once your files are encrypted, they will be almost impossible to access by anyone who doesn’t have the key.

Back It Up

If you don’t want to lose your important data -the data that keeps your business running successfully -then you simply must back it up, preferably off-site at a location run by professionals. The cost of lost data and run into the hundreds of thousands, depending on the size of your business, so don’t let it happen!

Install Antivirus on Every Device

Last, but definitely not least, you should install antivirus and malware protection on every single device any of your employees may use to connect to your network and conduct business, including their personal smartphones and tablets. If you don’t do this, it could be so easy for a hacker to steal your data.

Securing your data will cost you time, and you will need to invest some money into it, but if you don’t do at least the things outline above, well, it could be very expensive and completely disastrous to your business!

3 Ways You’re Jeopardizing Your Business’s Security

/ nancyrubin / Leave a comment

As a business owner, you entrust your employees with sensitive and valuable data numerous times and in various ways each day. Your customers, likewise, entrust you with their data and personal details.

While you might think that the entire system is set up to work flawlessly, the reality is that data security in your business may not be quite as effective and perfect as you might think. In fact, you may face numerous risks and issues with data security on a daily basis that you may not be aware of and that may even put your customer’s vital data at risk.

When you understand more about these potential risks, you can take action to improve data security in your company.

jazz1

Photo Credit: Pexels.com

1. Employees Lack Education and Training

According to a 2015 survey performed by Insider Risk Report, as many as 93-percent of valued employees surveyed, who had access to a company’s vital or sensitive data, stated that they used a high-risk activity that put that data at risk. This could have included something as simple as using a weak password or not changing a password frequently enough or sharing a password with someone who they shouldn’t have shared it with. While these may have been unintentional or seemingly harmless risks, they were nonetheless risks to the company.

As an employer, you must observe and understand what your employers are doing wrong in the area of data security. In addition to observing risk factors in this area, you must take the additional step to correct the behavior and to adequately train them in the proper data security methods.

You should be aware that most of your employees are not maliciously trying to circumvent safety and security protocols, and most of your team usually wants to take the proper steps to keep data secure. However, they may not be aware of what the right steps are. It is up to you to properly train them and to provide them with the tools to keep data secure in the most time-efficient ways possible.

jazz2

Photo Credit: Pixabay.com

2. Outdated Technology

At times, new technology is introduced rapidly, and it can be challenging to keep up with all of the changes and innovations as they occur. More than that, some business owners have a false conception that security hinders business growth. This type of thinking actually carries a certain risk because it does not promote the use of new and more advanced security features that may currently be available and that may be most effective for the business owner to use.

As a business owner, it is important that you stay updated as much as possible with the latest innovations available in the marketplace. You should always ensure that your hardware and software products are properly supported and compatible with the security features that you are using. Spend ample time learning as much as you can about authorized access to data, taking screenshots, analytics, forwarding data files and more before implementing the use of new technology and security features. This will help you to make full and ample use of security features without concern of negative impacts associated with its use.

jazz3

Photo Credit: Pexels.com

  1. Keeping Sensitive Data

The unfortunate reality is that all businesses have sensitive data that malicious sources may want to target. Regardless of the size of your business or the type of business that you run, there is a possibility that your business may be targeted through a ransomware attack.

For example, a public institution, such as a hospital, police office, school or government office, may have access to a huge number of public records. This could include public records that contain profiles on the general public and that could be breached for malicious purposes. Another example involves e-commerce businesses, such as luxurious brands. A ransomware attack could target the high-end customers of a luxury brand so that the customers’ personal information and, with that, material possessions are at stake.

Any time a customer’s vital and sensitive data is jeopardized, the person stands to lose a considerable amount of money, and fraud is always a concern as well. Your primary goal should be to protect the privacy of your customers. Therefore, you should avoid collecting data that you do not need, and you should not store data that you do not need for too long.

More than that, you should encrypt all data that you have possession of in the most secure fashion possible. Generally, this involves the use of SSL certificates or other highly secure formats. Remember that a data breach can impact your business’s reputation as well. Customers may no longer trust your business if you cannot safeguard their vital and sensitive data. This could have a long-term and negative effect on your business.

To Recap…

Business security is of vital importance regardless of the niche or industry that you work in. You need to focus on all aspects of business security, and you must take steps to safeguard data at all levels. While you need to train your employees about data security and how to properly safeguard and encrypt data at all levels, you also need to take steps to prevent ransomware attacks and use SSL certificates with vital customer data. Now is the ideal time to take a closer look at your data security efforts and to make upgrades and enhancements. If you notice any areas that need to be improved and enhanced, now is the time to do so.

Jasmine Williams covers the good and the bad of today’s business and marketing. She was rummaging through her grandma’s clothes before it was cool and she’s usually hunched over a book or dancing in the kitchen, trying hard to maintain rhythm, but delivering some fine cooking (her family says so). Tweet her @JazzyWilliams88.

 

Is Your Social Media Profile Secure?

/ nancyrubin

With people spending more and more of their lives online – it can be difficult to know where to draw the line. Sharing almost every aspect of your life might have been commonplace – but you could also be putting yourself at risk.

While social media has become a great place to share and communicate with friends and family – it has also become a place where criminals target the unsuspecting. This is becoming a growing problem. People who came to the internet late in their lives might already have a sense of reluctance to share absolutely everything – but those who have grown up with it might not be aware that they could be sharing too much. We’re going to look at a few simple security tips that should make your social media profile more secure.

1. Don’t share too much

Sharing parts of your life can be great fun – but some people take things too far. Do you really want people knowing where you are all the time? Leave a bit of mystery in your life – it could actually protect you. Simply advertising when you’re not at home or even making it really obvious where you live or work are not the greatest ideas. Use some common sense. By all means, share photos and enjoy yourself – but try and keep some things private in your life.

Remember when you need to reset a password because you lost it? Oftentimes they’ll ask you when your birthday is or what your pet’s name is. This is the sort of information people freely share on social media. That means you’re giving this secure information away for free. Don’t do it.

2. Make sure you know all your “friends”

Having as long a friend list as possible has almost become a competition between some people. It makes you seem popular – but that’s not really the reality. Try and rise above this sort of behaviour. Only accept someone as a “friend” if you really know who they are. This means what you share should only be seen by people you know.

Of course, you can’t control how your friends use their accounts, so make sure you really only have people you can rely on in real life. A good question to ask yourself is – would you stop and talk to that person if you saw them in real life? If not – why are they on your friend list? You’ve got to get away from the desire to have thousands of friends and realise that some things (like your security) are more important.

3. Don’t share access of your account

Some people share their password and let their friends log in for them. This is a huge mistake and could be asking for trouble. Make sure it’s only you that has access to your account. You should also log out when you’ve finished – especially on public computers like those in libraries or at college.

4. Vary your passwords

Some people use the same password for everything. While this can make things easier to remember – it also means losing access to one account could spell disaster. Make sure you vary your passwords and change them regularly. Don’t write them down, either.

About the author

Keith has a strong background in advising people on security issues. He’s been writing about tech and social media for a number of years. In his spare time, he also writes for a private tuition service based in Singapore.

5 Social Media Security Risks for Your Business

/ nancyrubin

People love social media. Social networks provide limitless opportunities to have fun and communicate with other people. Unfortunately, social media has also become the focus of an increasing number of cyber attacks. Knowing that so many employees use social media while at work, hackers have had success attacking companies by compromising their data and harming their reputation.

Although cybercriminals routinely infiltrate popular social networks with fake accounts and malicious software, social media users often represent their most valuable asset. Regardless, you must accept responsibility to secure your company from all online threats. Learn about the following five social media security concerns so you can improve your business’ security.

1. Information Leakage

Employees can choose to use the same social media platforms at work that they use at home. Using familiar tools and a familiar interface in order to work together and share files makes sense to many employees. Platforms such as Twitter and Facebook, however, can convey a false sense of intimacy that can result in the sharing of sensitive information that businesses owners and managers would prefer to keep secure.

Sharing and chatting on social media for business can cause substantial damage to organizations, especially when personal accounts are used. Social media sites do not have the same security features, such as access control, that project management software has. As a result, information shared on social media can often fall into the hands of distant “friends of friends” or public users who can attempt to profit from it.

If your company wants to prevent information leakage, it must implement and enforce acceptable use policies that prohibit the use of social media for internal business processes. Such a simple precaution can prevent the loss of trade secrets and reputation damage. Similarly, businesses should also enact guidelines and provide tools that encourage communications and file sharing using secure tools.

2. Social Scams and Phishing Attacks

Phishing attacks use messages that appear to originate from a familiar person. Users believe they can trust the sender and open the messages, allowing hackers, scammers and other malicious users to obtain login credentials for various websites, including social networks. The scammers use those credentials to gain access to victims’ accounts and then attack more people by sending them spurious messages with enticing subject lines.

Image2

Social platforms saw the number of phishing attacks on their users more than double in 2015. Hackers use the compromised accounts to post scams that install malware or perform other nefarious tasks. These cyber criminals can then direct their efforts at your company by attacking your customers or by impersonating your customer service agents. Some scams can offer long-term reputation damage and also compromise confidential information.

3. Malicious Apps

So-called “bring your own device” policies in the workplace have opened the door to business data networks via malicious software. This type of attack works because companies often have insufficient control over employee-owned devices. Although cyber criminals have had limited success with virus distribution via social media, they can easily hack the smartphone social media apps, converting them to act as gateways to your network and the data it hosts.

4. Malware Attacks and Hacks

Malware can enter business networks via social media sites and thereby give hackers access to customer and trade data. Malware can also modify user information and corrupt databases to deny employees access to vital applications and data.

Sometimes cybercriminals post security disinformation online and thereby mislead social media users into compromising their accounts. As a result, well-meaning employees can unwittingly release confidential information and harm the reputation of your firm.

5. Uneducated Employees 

Employees continue to rank near the top of business security threats. Dissatisfied workers who have access to vital business secrets can post sensitive information to social media and thereby cause irreparable damage to your company. When employees get bored or want to get revenge on a co-worker, they also can, for either fun or spite, release inappropriate information via social media sites without understanding the repercussions of their behavior.

Image1

Employees who have never been educated and trained in proper security practices can easily click on phishing links or reveal information to a fake social media account without realizing that they have compromised security.

Get the best protection for your business by training your entire labor force to understand the importance of data security. As part of the process, make sure either you or your IT manager teaches your employees how to recognize malware, malicious applications, phishing attacks and other social-media-based threats. You should also prohibit your employees from using unauthorized software to do their job.

Recognizing the above five social media security threats will boost your awareness of threats that can harm your business. The online landscape continually changes, so you should monitor technology news to stay forward of new cybersecurity developments. You should also ensure that you have the latest internet security software installed on your workstations as well as on employee-owned devices.

Educating yourself and your staff will continue to play a vital role in securing your business. Begin the process by publishing guidelines for the use of social media in your company and holding periodic training sessions that help employees recognize threats. Taking control over social media in your biz will do much to safeguard your company’s data and your brand.

Author byline:

Josh McAllister is a freelance technology journalist with years of experience in the IT sector. He is passionate about helping small business owners understand how technology can save them time and money. Find him on Twitter @josh8mcallister

Make #Identity Theft Protection a Priority in Your Life

/ nancyrubin

Whether you run a business or are just an everyday consumer, you likely have a lot going on in your life. So, do you have time to stop and fight off an identity theft thief or two? In most cases, the answer will be a resounding no.

Unfortunately, that is not always a choice you get to have. As many American companies and consumers for that matter have discovered (especially in recent times), identity theft is a real and persistent problem.

With that being the case, what can you do to stem the tide, keeping identity theft thieves at arm’s length?

identitytheft

Have a Comprehensive Plan in Place

In order to put up a shield against identity theft, you first need a protection plan in place.

For starters, take the time and effort to review the best ID protection on the market. While there are various products and services out there, don’t automatically settle for something if you feel like you could do better, but you don’t feel as if you have the time or money to explore more in-depth.

There are services out there that will review the different I.D. theft protection companies and their various products, allowing you to make a more informed selection when all is said and done.

Once you have your protection plan ready to go and ultimately installed, the next great task is making sure you are still being as cognizant as possible about the threat that is out there.

Whether you run your own business all by yourself, have employees on your team, or you’re just a simple consumer looking peace of mind when it comes to identity theft, you have a responsibility of your own (actually more than one) when it comes to fending off I.D. theft thieves.

These responsibilities include:

  • Monitoring your lifestyle – Yes, while a protection plan provider will watch your credit card/bank/online activities, look for any suspicious behavior etc. you still have a responsibility on your own (see more below). Remember, such a service can only do so much 24/7/365, so that’s where you come in. Be sure to be careful when using credit cards out in public, hopping on the Internet for business or pleasure, traveling and using computer servers you can’t with 100 percent certainty say are safe etc. And if you think your health records are off limits and/or of little or no interest to I.D. theft thieves, think again. Getting their hands on such information can be to them like striking gold, allowing them to gather up large swaths of personal data to then turn around and sell;
  • Being an educated consumer or business owner – As mentioned a moment ago, you have to take on some degree of responsibility in protecting your identity, especially as it relates to your financial well-being. For example, if you go out to eat, don’t leave a credit card sitting on the table by itself for even a moment. The same holds true when it comes to receipts. If you are traveling and relying on a computer already set up in your hotel in say a business office or lobby area, do not do any work on it involving your bank account, Social Security account, work files that include customer data etc. You likely can’t say with 100 percent certainty that the server there is protected, so why take a chance on exposing personal data?
  • Investing in your financial future – Finally, stop for a moment and think about how just one successful I.D. theft strike against you or your business (if you have one) could financially devastate you for years to come. While you may not be able to say that you have 100 percent protection in place, you can come pretty darn close to feeling that you do. When you have a company providing you with protection, along with making sure you are doing all the right things, you are investing in your financial future. Also make sure if you have a family that they too utilize smart financial practices in the home and when outside of it. This is especially important in not only protecting you, but also your children.

If you have not taken identity theft all that seriously up to this point, change that mindset as you move forward.

About the Author: Dave Thomas covers business topics on the web.

How Secure Are Your Online Activities?

/ nancyrubin

online_securityFor today’s business owner, he or she has much to concern themselves with, not the least of which is making sure their online activities are as secure as can be.

As news details make note of on what seems like a monthly basis, one reads of this company or that company being hacked. When that happens, the company’s brand can take a temporary or permanent hit.

With that in mind, what are you doing to best secure your company’s online activities?

Better yet, what are you not doing to secure online movements?

From Paper to Online, Security is a Must

With many smaller businesses (notably medical practices) going from paper to online to manage their documents, it is imperative that they secure their websites.

While there are numerous means by which a small business can better secure its online activities, here are a few that should never be taken for granted:

  • Server protection – First and foremost, make sure the server your small business uses is as fully protected as possible. If your server provider can’t guarantee security is the number one priority for them, look elsewhere. A weak server is a ticking time bomb, just waiting to be set-off by cyber-criminals;
  • Employees’ matter – One of your best lines of defense in keeping your company protected against hackers is your employees. Whether you have a staff of just a few a few or several dozen, emphasize the importance of Internet security with your team. As you navigate from the paper trail to basing all your documents online, it is important that your workers understand how sensitive the information is, let alone how secure it can and should be online. From the day they are hired, employees should be reminded the importance of maintaining online privacy for customers, especially for those businesses in the medical field. Making sure patient data remains private is essential to the integrity of one’s practice. When an employee leaves your business, be sure to change their computer log-in details immediately, preventing them or anyone else from accessing company files online;
  • Role of the customer – Whether your customers are patients or just regular shoppers, there is a role for them to play too when it comes to securing online data. Individuals should always assume that someone could be watching their Internet activities, so plan accordingly. Don’t leave sensitive data online for others to see. An example of this would be going to a public facility (library, coffee shop, campus building etc.) and leaving a laptop unattended for even a minute. In that short span of time, someone will ill intentions could easily gather up a credit card number, Social Security number, bank account I.D., PIN etc. and be gone. When that happens, the individual whose information was swiped can be in for a rude financial awakening. Also try to be as sure as possible that you are working off of a secure server. If you are using a laptop computer while on the road for business or pleasure, do not just assume that the server is 100 percent safe. Due to this, it is advisable not to be entering any sensitive personal data (financial, medical etc.) until you get back home or to your office where you feel more comfortable with the server security capabilities;
  • Social media safety – Finally, more and more companies are using social media not only to learn more about what is going on in their respective industries, but also to communicate with clients. In doing so, it is critical that one’s social networking time is spent wisely. Companies (and customers for that matter) should never give out any private information over social channels. While Facebook, Twitter, Instagram etc. allow members to essentially lock-down their profiles (this way only those they choose can see what they are posting), hackers have been known to work their way into accounts. With this in mind, personal and financial information should only be transmitted through secure email channels and/or over the phone or regular mail.

In checking to see how secure your online activities are, always assume that someone is watching.

When you do that, you’re more inclined to practice online safety.

About the Author: Dave Thomas covers technology and business topics on the web.

Don’t Help Identity Thieves Steal Your Information

/ nancyrubin

online_securityWhether you run a business or are simply just consumers doing his or her everyday shopping, do you ever worry about identity theft thieves interrupting your life?

Unfortunately, it happens more times than people like to think of.

When identity theft hits, it can be one of the most disruptive thing in an individual’s life.

That said are you taking the necessary precautions to lower the odds of becoming the next victim?

Don’t Help Identity Theft Thieves in the Process

One of the things identity theft thieves like the most is when individuals (and or businesses) make their jobs easier for them.

How might people do just that?

In the end, it comes down to not practicing commonsense, especially when it comes to financial and personal information.

Make sure you are not giving out personal and/or financial details that I.D. theft thieves can then take and use against you.

This includes:

  1. Computer gaffes – The most obvious way identity theft thieves target and strike their prey is via the Internet, so watch your digital footprints carefully. This means not leaving a trail of personal and financial data a mile long. An example of this would be someone using a site to purchase a product or service from. They think the site is safe and secure, but it turns out that is certainly not the case. As a result, they’ve given the identity theft thief or thieves’ a green light to steal from them. Be as sure as you can possibly be that the site you are (see more below) on (Ecommerce stores, airline or rental car sites, banks and other financial institutions, medical offices etc.) is as secure as possible. Once your information has been compromised, it can lead to all sorts of personal and/or financial headaches. Turning to products such as ultimate plus service from LifeLock and others like them can make all the difference in the world;
  2. In-person stumbles – How many times have you been out in public, only to turn around and leave items such as a credit or bank debit card sitting around for all the world to see? Remember, it just takes an I.D. theft thief mere minutes or even seconds to strike. Before you know it, he or she has your numbers from a card or cards. Once they get that information, they can then in turn use it against you. Also never loan your credit or debit card (or other such item) to friends to use. Sure, you may think you are helping someone out in a pinch, but once again, this act of generosity can come back to haunt you. If someone you know needs short-term financial assistance, offer to take care of it for them with your credit or debit card or loan them cash. Never just hand over on your financial cards and tell them to give it back to you when they are done with it;
  3. Being overly social – Another error waiting to happen is being overly social on social networking sites like Facebook, Twitter, LinkedIn, Instagram and others. While being active on social media can benefit you both professionally and personally, it does have its potential downfalls too. Be careful not to spill the beans about your financial practices when using any social media venues. More and more identity theft thieves are camping out on social sites, hoping that someone is a little too chatty or careless on them. When that occurs, a thief can strike at a moment’s notice. If someone requests you download something from a social media site, proceed with extreme caution. The only time you should ever consider downloading something off of a social media site is if you feel 100 percent confident it isn’t an item containing malware and/or the person or site requesting a download is one you trust entirely. Given how creative I.D. theft thieves have become, use your best judgment to lessen the odds you are primed to be their next victim.

Your personal information is just that, personal.

Don’t let a criminal or criminals put one over on you both online and off of it. 

About the Author: Dave Thomas covers financial and business topics on the web.