Posts Tagged "data breach tips"

So You had a Data Breach – Now What?

Posted by on Jul 9, 2015 in News | 0 comments

When larger organizations face a data breach of their customer or employee information, they often offer free credit monitoring services to affected individuals. If you are faced with a personal data compromise and don’t receive this offer, there are still several options to help you recover from a personally identifiable information (PII) breach, say the experts at Wombat Security Technologies. It’s important to be proactive about minimizing the impact of data breach, whether yours is one of many compromised records or you are the victim of a limited-scope breach. With the latter, if you have the motive and the means to enroll in a credit monitoring service on your own dime, it could be well worth the peace of mind to know that someone is looking out for you. Regardless, the following do-it-yourself activities will help you mitigate some of the damage caused by a data breach — as well as prevent future damage. If you’ve been alerted to an account breach — or you suspect you’ve fallen for a phishing email that prompted you to reveal credentials for a login-protected site like webmail, online banking, or social media — change your password posthaste. If you happen to use that same password on other sites, be sure to update those logins as well. Hackers will often cross-check stolen passwords on multiple sites in hopes of getting a hit. For cases in which you personally discover or suspect a data security breach, contact the help lines for affected accounts right away. Be sure to use trusted customer service channels, such as phone numbers from your credit cards or billing statements. In many cases, it’s not just account numbers that hackers and scammers scoop up. They often grab names, email addresses, and phone numbers to use in follow-up attacks. In these attacks, fraudsters will put together multiple pieces of information they have about individuals to make their messages and calls seem more legitimate and more believable. It’s important to be on high alert once you know your data is already in the hands of hackers. With all the ado about cyber security attacks, it can be easy to become complacent about snail mail. But consider the prior point about email addresses and phone numbers and you’ll see that the leap to a mail-based attack isn’t hard to make. If scammers obtain your name, address, and other identifying information, it can be easy for them to send compelling and seemingly genuine letters, bills, payment notices and other mailers. It’s critical that you verify the validity of unsolicited mail that asks for any type of remittance....

Read More

Tips to Manage Privacy and Security within Your Business

Posted by on Apr 21, 2015 in News | 0 comments

As many as 43 percent of companies experienced a data breach in the past year – a 10 percent increase from last year, according to an annual study conducted by the Ponemon Institute. As companies scramble to keep their names out of the headlines by bolstering up security practices and protocols, it’s important to take a deeper look into the little things you can do to better manage privacy and security within your own company. Here are a few things to keep in mind as you think about how to keep your company secure this year: Host a policy refresher. Employees can be your company’s greatest asset, as well as the weakest link when it comes to upholding standard security protocols. While it may seem obvious that an informed workforce is a more secure workforce, many employees aren’t always aware of the latest corporate procedures established to protect the organization. As the calendar turns, consider hosting a policy refresher course for all employees, regardless of level, to start the new year off strong. It will give you an opportunity to address any policy changes that may have been made in the past 12 months, speak to any industry-wide security changes and update the staff on the privacy and security tools at their disposal. Protect against visual hacking. While a lot of resources are spent protecting data from high-tech cyber criminals, many overlook other potential threats like visual hacking, a low-tech method that may be used to capture sensitive, confidential and private information for unauthorized use. If an employee is working on sensitive company or customer information outside of the office or in full-view of an office with employees who don’t have the same access, information is at risk of falling into the wrong hands. In fact, the 3M Visual Hacking Experiment, conducted by Ponemon Institute on behalf of the 3M company, a leading manufacturer of privacy filters, found that in nearly nine out of 10 attempts, sensitive corporate information, such as employee access and login credentials, was able to be visually hacked. In addition to providing employees with the right tools, like privacy filters, it’s important to educate them on the potential risks of a visual breach and incorporate the need to protect visual privacy in corporate security policies. Rethink the open floor plan. As a means to increase productivity, many organizations are creating open workspaces, allowing employees to work within a more free-flowing setting. While it may work for some, an open floor plan comes with its own set of privacy and security drawbacks. By taking employees outside of the confines of their office walls, it becomes all too easy for vendors, third-party workers or even malicious, opportunistic employees to see confidential information from a device screen or hard-copy file. This office configuration can needlessly put your employees and data at risk. If you have, or are moving to, an open floor plan, it is critical to assess how the set up will affect your company’s security procedures and make sure that privacy protocols are updated to reflect what information can be worked on where and when to better secure corporate information. Prevent social engineering. Employees may succumb to a social engineering attack because they were simply trying to be helpful and nice. However, that same employee can be the “in” a hacker needs to launch a more widespread attack on the company’s system. Before this happens within your organization, take the necessary steps to teach employees about the impact of social engineering and how they can be part of the solution to prevent it. Show them examples of what...

Read More