Data Security: Spotting a Scam Before Disaster
Data is everywhere, and as long as it’s out there, hackers will try to get it. If your company falls victim to a data breach, no matter how large or small, you lose money and customer trust. Data shows the average consolidated total cost of a data breach grew from $3.8 million in 2015 to $4 million in 2016, and the average cost to a business for each lost or stolen record of sensitive and confidential information rose from $154 to $158.
Teach Employees Signs to Look For
Show everyone phishing emails look like, and to avoid opening suspicious emails. Run some mock phishing attacks of your own against your employees to see how well they are equipped to respond, and test the management team to see how well they’re enforcing the policies. Any email attachments should be scanned through your email’s virus scanner before they are downloaded. Links should be double checked before clicking. Teach employees to hover over the link and look closely at the URL to make sure the URL matches the proposed destination.
Set a Company-Wide Policy
Talk with your IT team or meet with security consultants to help you develop a company-wide policy on how to use the computer systems. Include what’s acceptable and what’s not, such as rules about when and how to respond to an email that looks suspicious. Outline social media usage expectations, as someone, somewhere, will have to maintain your corporate social media accounts. Leaving the websites accessible at work also opens the door to personal social media use, which could put company data at risk. Set protocols about how often employees are required to change passwords, and make sure they know how to set good, secure, passwords that they can still remember.
Implement a High-Quality SPAM Filter
Spam inundates mailboxes all over the world, and no matter what you do, you’re never going to stop it. In the first quarter of 2016, there was a sharp increase in email antivirus detections: more than 22 million, and that’s for a single antivirus solution. This number is four times higher than the first quarter of 2015. Many phishing scams start with emails that most SPAM filters will catch. However, even the highest quality filters may block out legitimate emails, so be sure to check them regularly.
Keep Your Systems Up-to-Date
Software is updated often to catch security holes that make it easier for hackers to get in. The longer you go between updates to cover those holes, the higher the risk of falling susceptible to a data breach. The easiest way to do to this is to set all computers in your office to run automatic updates, and require anyone who’s telecommuting to do the same.
Run Anti-Virus Software
No anti-virus software is perfect, but something is better than nothing. As with other software, allow it to update regularly to get new virus definitions. Run regular virus scans to ensure that no malicious files were inadvertently downloaded to your system.
Use Two-Factor Authentication
Two-factor authentication requires a second-step to successfully login, if an employee’s credentials are ever compromised. For instance, when a new-sign in happens, a code is sent to the employee via text message or phone call, and that code is required to be correct before allowing access to the account.
Scams are all over the Internet, and anyone who doesn’t know what to look for could easily put your data at risk. Teaching employees is a critical step, but without other security measures in place to act as additional protection, your data will always be at risk.
This article originally appeared in Biznology.
This article was written by Megan Totka from Business2Community and was legally licensed through the NewsCred publisher network.
Online Degrees & Certificates In Cybersecurity
American Military University's online cybersecurity programs integrate multiple disciplines to ensure you gain the critical skills and management practices needed to effectively lead cybersecurity missions – from government or private industry. Learn from the leader. American Military University is part of American Public University System, which has been designated by the National Security Agency and the Department of Homeland Security as a National Center of Academic Excellence in Cyber Defense Education.