Add another layer to your #Business literacy. We at Serebral360° would love to know if the Forbes – Entrepreneurs article was helpful, leave a comment, like and share. Let’s dive in and discuss the information and put it to use to grow your business. #BusinessStrategy #ContentMarketing #WebDevelopment #BrandStrategy
Info@serebral360.com 762.333.1807 www.serebral360.com
Grap a copy of our NEW Business Stratgety Books #FFSS VOL1 and #FFSS VOL2
You’re right to be worried about the impact of a data breach on your business — and on you personally. But chances are you’re not worrying about it enough. Or, if you are sufficiently worried, you’re perhaps doing your worrying all wrong.
The Maginot Line Of Data Security
An analogy that comes to my mind is the Maginot Line. Grab a history book and open to the page where it mentions the preparations made by France just before World War II to prevent Germany from invading. Those preparations were massive. They included a vast defensive network of anti-tank barriers and heavily fortified installations connected by an underground troop- and munitions-carrying railway running along the border between France and Germany.
From all appearances, the combined protective measures — which together formed the Maginot Line (named for its principal architect, French Minister of War André Maginot) – formed an impenetrable wall. No way was any opposing army getting through.
Or so they thought. France expected Germany to attack the Maginot Line head on. They were ready for that. And, in all likelihood, had Germany thrown the full weight of its military directly against the Maginot Line, the French defenses would have held, and the Germans would have returned home empty-handed.
But Germany pulled a fast one. Instead of a direct assault, the troops sidestepped the mighty fortifications by going around them where the Maginot Line ended. Just like that, France was overrun.
Just The Tip Of The Iceberg
Now, put the history book away, and let me tell you why you need to worry more about the security of the electronic data you possess today. For starters, the data breaches you read about in the news are only the tip of the iceberg. Those cybercrimes make headlines because the victims are major companies with staggering numbers of affected customers.
You seldom hear about the small businesses hit by data breaches. It happens to them, too. Hackers break into electronic databases large and small so they can vacuum up financial account information, personal information and/or trade secrets. Data robbers employ a variety of “safeguard-cracking” techniques to access the priceless gems locked away in a virtual vault. Cyber thieves illicitly acquire a user’s password by going on a phishing expedition or by engaging in some other form of trickery to convince him or her to unwittingly surrender the password.
As chief of operations of a once-bootstrapped company, I would like to share some of my own organization’s cybersecurity practices that have helped us build a positive security culture to mitigate threats and data breaches.
How To Minimize Your Risk Of Falling Prey
The most important thing to know about cybercrime is that every company, every shop, every institution and every government office is a potential target. This means you.
There are a variety of things you can do proactively to reduce your risk of falling prey to a hack-attack on the database you think is well-defended already. Here are my suggestions:
• Develop a security-conscious culture within your organization:This amounts to an “if you see something, say something” workplace culture. While you can’t anticipate every contingency, listening to your staff when they call to your attention possible trouble (no matter how seemingly minor) helps you stay on top of risks. Also, a security-conscious culture will better allow you to investigate anomalies occurring within your database — potential signs of criminal activity.
• Adhere to industry best practices for data security and privacy:To do this, you first need to know what those practices entail. Check with the trade associations serving your industry or field to obtain recommendations concerning best practices. If you still aren’t sure how to adapt, hire people who are already up to speed.
• Advise users to never share passwords:A password innocently passed around among friends or colleagues may fall into the wrong hands. Similarly, caution them against multiple use of one password.
• When in doubt, ask: Make sure purchase orders and invoices received by email are legitimate before clicking on any links. Phishers have become remarkably good at impersonating the companies with which you do business. The easiest way to authenticate the provenance of an email requesting a click is to pick up the phone and call the purported sender — but only make the attempt to contact that person by dialing a number listed in a phone directory or other trusted source, and not the number offered in the email.
• Limit disclosure of nonsensitive data: Unsolicited phone calls or emailed vendor bidding forms may be a trap to obtain data that can later be used by a hacker. They might simply be casing your security posture, or they may be angling to quote unpublished in order to better legitimize themselves as they steal your identity or impersonate your company. Some scammers attempt to illicitly impersonate vague government bureaus.
• Set up an identity-access management system:This is basically a mechanism for making sure that the person who has just entered a password to gain access to your database is in fact the person authorized to use it. This can be accomplished as simply as asking the password-giver random preselected questions, or better yet, using text-message code verification or physical security devices.
• Conduct vulnerability/penetration testing:Phishing simulations represent one type of test to check your ability to thwart attempted break-ins. Another type is the running of up-to-the-minute virus detection and antivirus programs. You should conduct such testing at least once a month at random.
Cyber thieves and hackers will constantly evolve in their creative methods to steal your company’s vital information. One mistake by any employee can turn into a smorgasbord of opportunity for a determined hacker. Maintaining these and other security practices should reduce the likelihood of becoming a victim.
March 8, 2019 at 09:12AM
Forbes – Entrepreneurs