A month after Anthem announced that the personal information of 80 million people was breached, Seattle-area health care company Premera Blue Cross revealed that more than 11 million of its customers were similarly exposed. The company came under attack, though, for not disclosing the hack until March 17th — even though it discovered it on January 29th.
That led to a class-action lawsuit, Congressional calls for powerful legislation on cybersecurity, and assertions that as credit-card security increases, health records might be more at risk. But the fact is, even though stricter safeguards against payment card fraud are set to go into effect in October, data breaches are bound to keep happening.
Why? Because cyber criminals are crafty, and business is big: many in the IT industry estimate that credit card fraud generated over $7 billion in illicit revenue last year. Your business doesn’t have to suffer, though.
Here are a few strategies you can implement to keep your data safe:
Strengthen your passwords. There’s no easier way for hackers to access your critical information than through weak passwords. One of 2014’s many breaches revealed just how common they are: “123456” was the affected service’s most popular password, followed by “qwerty,” “abc123,” and “123456789.” Get more creative, and use a password manager to track a unique login for every account.
Segment and secure your data. This is required by law for the health-care and financial industries, so even if you work in a different field, consider following their lead by keeping critical information on a dedicated local server or in secure cloud-based locations, NOT just on an employee’s computer.
Be aware of spam and malware. Targeted email-based attacks against small businesses have been on the rise since 2013, so make sure you and your employees understand how they work. Nearly 30% of all security breaches occur when hackers use sensitive information to impersonate a user — and all it takes is one person unwittingly clicking on a malicious email attachment or illicit web link to affect an entire network. The bottom line? Do NOT click on any email attachment or embedded link unless you trust the sender or source and are expecting said attachment or link.
Encrypt, encrypt, encrypt. Sensitive business and client information should be treated with the utmost care, which means it should be properly encrypted. But striking the right balance between employee accessibility and proper security isn’t easy. Your IT provider should be able to recommend a level of encryption that’s right for you.
Back up, back up, back up. In the event that you are affected by a cyberattack, the quickest way to rebound is with the regular, remote, redundant backups that your business should perform each and every day. A good disaster recovery and business continuity plan will also go a long way toward minimizing any interruptions.
At CMIT Solutions, we’ve seen countless businesses affected by data breaches suffer devastating consequences that could have been avoided. But with the help of a trusted IT provider, you can keep your data safe. Contact us today to find out how we put solutions like anti-malware, backup and disaster recovery, data encryption, and proactive maintenance to work for our clients.