Digital and computer theft is big business. And the criminals are getting more and more sophisticated every year. According to the Association of Certified Fraud Examiners, digital crooks now account for $3.5 trillion in annual losses worldwide. Businesses must protect their data from exposure to theft or leakage both from inside and outside the company. Countermeasures must include both cybersecurity measures and measures against physical theft, or physical security.
This article the 15 best ways your company can protect itself and your valuable data from compromise, destruction or theft.
In today’s business environment, the theft or loss of even a single laptop computer cell phone or tablet can be devastating – unless you take some common sense measures to mitigate the damage ahead of time.
It’s not just the cost of the lost device itself. If there is confidential, proprietary or personally identifiable information on the device – or readily accessible through it – your company could be exposed to substantial liability, fines and penalties. On average, total costs to U.S. companies incurring the theft or loss of a digital device can run to nearly $217 per record in fines, recovery costs, legal fees, customer loss and PR crisis expenditures, according to the Ponemon Institute’s 2015 Cost of Data Breach Study.
Video surveillance has dramatically changed in the past several years from a business perspective as well as a technological perspective. High-definition cameras have increased commoditization in the market of video hardware but have lowered the profit margins of manufacturers and their partners.
Also, several acquisitions and mergers have impacted competition, which reduced the number of companies holding considerable shares in the market. One of the biggest problems with these cameras has been their role in DDoS cyber attacks. Online security professionals have been talking about the dangers of these cameras for years but have seen their fears come true with the recent growth of attacks.
Smart phones and tablet computers are not just for texting, talking and watching videos. An increasing number of software applications (apps) for these devices, and other technologies not involving mobile devices, help businesses prevent losses and cut their insurance costs.
Mobile devices can now connect to business security systems. Many security equipment vendors offer apps that give business owners instant information when they’re away from the premises. For example, the system may send a text alert to a smartphone if a security camera picks up sudden movements. Others may stream videos from security cameras to the smartphone, enabling the owner or personnel to keep an eye on the premises during off hours.
People who use public connections may be compromised by hackers but there are several safeguards available to avoid public wi-fi security risks. The recent availability of free Wi-Fi has been a great benefit for small businesses and consumers alike, and there are free connections in almost any hotel, restaurant or coffee shop. Since no authentication is required to establish a connection, hackers have an easier time stealing data. Hackers position themselves between a person with an unsecured device and the connection point, which means that the phone’s information is sent to the hacker instead of the hotspot. Emails, search requests and credit card information may be sent. With this information, a hacker may be able to access some of the person’s information easily.
For the average American company, the cost of cyber breaches are not as much as estimated by experts. Researchers from RAND Corporation found that the average cost of a breach was $200,000, which is less than 0.4 percent of a typical company’s annual revenue. That figure is about equal to a company’s annual information security budget.
Many businesses do not understand just how important cyber insurance is or why they need it. Businesses that store personally identifiable information (PII), personal health information (PHI) and/or personal financial information (PFI) are most often targeted. The financial and reputational damage cyber crime has on small businesses can be too much to bounce back from without a comprehensive cyber liability insurance policy.
For the past several years, scammers have been selling fake security software, known as tech support scams. They go so far as to set up websites, which they use to market free computer scans. There is usually no scan performed at all but they issue a warning message at the end of the fake scan to convince visitors that their computer has a virus. They then introduce their own software as a solution. In most cases, the software has no security capabilities. Several scam artists who are even more malicious provide malware instead of worthless software. Malware is designed to give the software creator access to the computer, and this is how criminals steal information from unsuspecting businesses.
A small business owner learns about a possible security hole in her internet browser. She does a search to find out more about it and lands on a site that explains the problem and offers a free download to fix it. Wary of downloading a file from an unfamiliar site, she leaves it and goes to a more credible site, finds the patch, downloads and installs it, and believes she’s protected.
Unfortunately, software running on the first site detected the vulnerability and installed a program that records and transmits back every keystroke she types. As she does some online banking, the program captures her login information, account number, answers to security questions, and other private information. Weeks later, she finds that both her personal and business bank accounts are cleaned out.
According to a recent survey conducted by the Hartford Steam Boiler Inspection and Insurance Company, about 70 percent of businesses experienced one or more hacking incidents during the past year. More than 50 percent of business owners did not feel that they had spent enough money or trained enough personnel to address the growing security risks and evolving hacking techniques.
Experts at HSB said that businesses can do better when it comes to dealing with hacking attacks and stressed that the key factor to overcoming security risks is preventing them in the first place instead of dealing with the aftermath of attacks. Of the risk managers interviewed by HSB, more than 60 percent were from large enterprises. Another 30 percent represented mid-sized business, and almost 10 percent were associated with small businesses.