Robert Siciliano Identity Theft Expert
Advancements in technology over the past decade have created a tremendous amount of opportunity for the savvy businessperson. Whether it’s mobility, streamlined processes, marketing, or the ability to sell to a global market, there’s never been a better time to be in business.
Like anything good, there is always a negative. While there are certainly many negatives in technology, like the headaches when something doesn’t work correctly and the constant learning curve we must all endure, the biggest negative is security issues.
So for the SMB (that’s you, the savvy businessperson), here are ten considerations for the new decade:
Back up your back up. Numerous reports of cyber-war, thousands of new viruses weekly, and even Mother Nature reeking havoc on the Internet, have caused concern among industry professionals. Doing business in the cloud is fantastic; however, make sure you have redundant local backups of your data.
Anti-virus will not fully protect you. The sheer volume of attacks and new viruses created will keep the anti-virus vendors busy. But there is no way they can keep up the pace 100% of the time. There are numerous technologies that will immunize your PC and make whatever virus or spyware impotent, and any data on your machine typed in a browser useless to the thief.
Social media identity theft is the act of creating a blog or social media site that models your day to day operations. At any time someone can register domains or social media sites with your brand as the face. They then sell product that they never ship and/or do things to damage your brand. Scoop up your social media identities with Knowem.com
Social network nitwits. One of the easiest ways into your companies’ networks is via social media. The explosion of “I just made a tuna” communications has brought out the dumb in many people. The simple act of setting up a group on Facebook and getting your employees to join can open up a treasure trove of data that can facilitate social engineering attacks. Create policies and procedures that involve appropriate use.
Social engineering, the ruse of a confidence man, is back in full force. It never really went away, but with the amount of security in place, sometimes the path of least resistance is simply asking your cleaning crew for the keys to the building. By gaining the trust of employees over the phone, via email or in person, a con-man can get almost anything he needs to get whatever he wants. The best defense is effective policies coupled with ongoing awareness training.
Insider identity theft can ruin your business. Most companies have done their due-diligence to keep the bad guy from hacking from the outside. But many organizations have neglected the risks associated with employees gone bad and the internal damage that can be done. Numerous technologies monitor and control access to sensitive information. But preventing bad employees from doing bad things starts with not hiring bad people.
Phishing scams still work. Despite consumer and employee awareness, a carefully crafted and well designed email that looks like its coming from another employee is probably the most effective spear phish. Going after the CEO or high level executive or “whaling” can often be even more successful. The bigger they are the harder they fall as they say. From my experience it’s often the smartest ones in the room that lack all common sense. Test your employees; see what they will fall for. Then test them again.
Tighten up employee remote access. Allowing Suzy Admin to access the companies VPN from a home PC that Suzy’s son Steve uses to play games on servers hosted in North Korea will end up bad. Malware on a home computer can compromise usernames and passwords resulting in spyware on the network. Set up Suzy with her own laptop that’s fully locked down and prevents Steve from doing anything fun.
Peer to Peer (P2P) file sharing is a fantastic way to leak company and client data to the world. Obamas helicopter plans, security details and notes on congress members being deposed were all leaked on government controlled computers via P2P. Setting admin privileges and installing numerous technologies that will prevent P2P is essential.
Identity theft will get worse before it gets better. And whether it’s your identity, your families or your employee’s identity that is stolen, it can be a huge time suck and a costly event. The best defense involves a 3 legged stool. First, awareness training of all the scams that lure people in, and how to appropriately respond to numerous communications. Second involves a little time and investment in a “credit freeze” or “security freeze”. Learn how to do it HERE. Third is an annual investment in identity theft protection. In today’s cyber crime climate, and with the recession making people desperate to make money any way they can, NOT investing in identity theft protection is, in my opinion, irresponsible. The worst thing you can do is nothing.
Go to my website and get my FREE ebook on how to protect yourself from the bad guy.
Robert Siciliano Identity Theft Speaker discussing identity theft on Fox News
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Social Media Security Risks for Small Business
For more than a decade, cyber criminals have launched countless attacks on banks’ online infrastructure, successfully one-upping security professionals and their clients by creating viruses that bypass existing security measures. In response, computer security companies have continuously updated their technologies to address new cyber threats. However, one major variable that technology cannot control is the human element.
- Social Media Security Tips for Small Business
Corporations know there are long-term marketing benefits of social media and they also know the security issues with employees continue to be a problem. Many companies restrict internal access. Others prevent employees from discussing or mentioning the company in social media during private time. Follow these social media security tips for small business to prevent security issues: #1 Implement
- 7 Small Business Social Media Risks
Many executives are concerned about social media related risks (e.g., data security and ID theft), but far fewer actually have any social media training. A recent survey of executives puts the concerns into four categories: disclosure of confidential information; damaged brand reputation; ID theft; and legal and compliance violations. Another feature that the survey unveiled was that
- 7 Social Media Security Tips To Protect Your Business
Your employee’s online life could open your business to some serious dangers. Many small businesses recognize the benefits of having a social media presence for customer service and long-term marketing purposes. However, many are slow to recognize social media’s security issues and how employees’ own social presence can add to the company’s security issues. Some companies restrict
- Access Control for Small Business Owners
Knowing who enters and exits your business at all times of the day give the business owner greater control. Having the ability to limit unauthorized entry to your business to certain employees, ex-employees at different times of the day are just a few of the benefits of access control systems. Knowing you can help to protect
Leave a Comment
You must be logged in to post a comment.