4 Things You Must Do To Protect Your Organization From Identity Theft
While it’s impossible to plan for every potential scenario, a little proactive planning and proper network precautions will help you avoid or greatly reduce the impact of the vast majority of cyber identity theft you could experience.
Make Sure Your Backups Are Encrypted
It just amazes me how many organizations don’t have the security of encrypted backups. Encryption takes every piece in your computer and turns it into dozens – or hundreds – of other characters. For example, just one letter “A” could turn into 256 different letters, numbers and symbols when it is encrypted. It makes it a whole lot more difficult for a hacker to figure out what the data is. On the other hand, if you DON’T have encryption, you are opening yourself up to a BIG risk of your identity and other important data being swiped.
Make Sure Your Virus Protection Is ALWAYS On AND Up-To-Date
You would have to be living under a rock to not know how devastating a virus can be to your network. With virus attacks coming from spam, downloaded data and music files, instant messages, websites and e-mails from friends and clients, you cannot afford to be without up to-date virus protection.
Not only can a virus corrupt your files and bring down your network, but it can also hurt your reputation. If you or one of your employees unknowingly spreads a virus to a customer, or if the virus hijacks your e-mail address book, you’re going to make a lot of people very angry.
Set Up A Firewall And Update It Regularly
Small business owners tend to think that because they are “just a small business,” no one would waste time trying to hack into their network, when nothing could be further from the truth. I’ve conducted experiments where I connected a single computer to the Internet with no firewall. Within minutes, a machine was taken over by malicious code and filled with files that I could not delete. The simple fact is that there are thousands of unscrupulous individuals out there who think it’s fun to steal your personal information just because they can.
These individuals strike randomly by searching the Internet for open, unprotected computers and internet connections. As soon as they find one, they will delete files or download huge files that cannot be deleted, shutting down your hard drive. They can also use your computer as a zombie for storing pirated software or sending spam, which will cause your ISP to shut YOU down and prevent you from accessing the Internet or sending and receiving e-mail.
If the malicious programs can’t be deleted, you’ll have to reformat the entire hard drive, causing you to lose every piece of information you’ve ever owned, UNLESS you were backing up your files properly (see 1 to 3 above).
Update Your System With Critical Security Patches As They Become Available
If you do not have the most up-to-date security patches and virus definitions installed on your network, hackers can access your computer through a simple banner ad or through an e-mail attachment.
Not too long ago Microsoft released a security bulletin about three newly discovered vulnerabilities that could allow an attacker to gain control of your computer by tricking users into downloading and opening a maliciously crafted picture. At the same time, Microsoft released a Windows update to correct the vulnerabilities; but if you didn’t have a process to ensure you were applying critical updates as soon as they became available, you were completely vulnerable to this attack. It is an EASY way for someone to gain access to your information and steal your identity.
Here’s another compelling reason to ensure your network stays up-to-date with the latest security patches…
Most hackers do not discover these security loopholes on their own. Instead, they learn about them when Microsoft (or any other software vendor, for that matter) announces the vulnerability and issues an update. That is their cue to spring into action and they immediately go to work to analyze the update and craft an exploit (like a virus) that allows them access to any computer or network that has not yet installed the security patch.
In essence, the time between the release of the update and the release of the exploit that targets the underlying vulnerability is getting shorter every day.