Viewing entries tagged
Data Breach

Cyber Monday: Five Tips For Safe Online Holiday Shopping

Great video and article by ABC News on safe holiday shopping and general rules for shopping online:

Before you fork over your credit card number and other info, make sure you're following these five safety tips.

1. Make sure you are buying from a secure site.
"The first thing you want to do is look at the URL and make sure it says HTTPS," says Natalie Severino, a security expert at Trend Micro. Along with the HTTPS in the web address you want to make sure you see the small padlock icon in the address bar when you get to the payment steps. Both of those will indicate that you are shopping on a secure site, which has a trusted and safe backend system.

2. Make sure your security software is up to date.

It seems like the obvious and boring tip, but it really is important. Every security expert we spoke with stressed that keeping the anti-virus software up to date and running should stop you from going to an unsafe shopping site.

3. Don't trust all those emails
If you're like any of us, your inbox is flooded with more "great Cyber Monday deal" messages than you can stand. But not all those emails are safe. "Some of the emails and the deals seem too good to be true. And they are," says Claudia Lombana, PayPal's Shopping Specialist. "The best thing to do is not to click the link, and go to a new webpage and try and go to it that way. It is only clicking links from those direct e-mail sources that can get you in trouble."

4. Use a different password at every site. 
If you can learn anything from this year's online security disasters it is never use the same password across your accounts or sites. If you are prompted to sign up for a new account to make a purchase make sure to create a new password. Both Lombana and Severino suggested a password with a combination of upper and lowercase letters, numbers, and special characters. Christina stressed to stay away from your name and family names; social media has made those passwords easier to crack.

5. Be even more mindful when shopping on your phone or tablet. 
According to PayPal, there was a 193 percent increase in mobile shopping on Black Friday 2012 over last year. And that's just the start -- the number of people shopping on their phone or tablet this holiday season is only going to go up. The experts say, however, that those mobile shoppers need to be even more vigilant about security. "The number one thing when shopping on a mobile device is to password-protect the phone or tablet," Lombana said. Also, make sure to keep in mind all the other tips and always make purchases over a secure and password-protected WiFi network.

Full Link: 


The Million Dollar Laptop

There are probably laptops out there that are physically worth a million dollars or more. However, I am referring to the laptop with valuable data on it that can be worth millions to a thief. Do you take a laptop with you regularly on business and travel? If you are a business owner, what's your policy on securing sensitive company and client data on yours and staff's equipment? The information on your employee's laptop could be very valuable to identity thieves or someone willing to sell the information to say a competitor.

We are in the middle of the information era. Businesses are relying on computer systems to store, share and process almost every transaction imaginable. Even if you are not in the financial sector and think you are not at risk for data theft or network security, here are some questions to ask:

  • Do we collect client social security addresses, dates of birth, driver's license numbers, home addresses, email addresses, or any other information that could be deemed sensitive?
  • Do our employees have access to sensitive information remotely?
  • Do employees use their smart phones for business? Are we able to do a remote wipe of information should their devices be stolen or disappear?
  • Do we have adequate company policies and procedures in place relating to accessing information?
  • Do we physically or digitally shred documents that possess this sensitive information when we are done with them? 

We are seeing more and more companies requiring our clients to have Network Security and Privacy Insurance. This coverage is designed to cover a data breach after the loss of information and can protect an insured from the loss of information and the clean up involved even if no breach occurs. Did you know it can cost thousands of dollars to notify individuals of a data breach where they could be at risk? In most states you are required to physically mail notification of the data breach to those affected. Some businesses go further and offer credit score reporting to affected parties so they can be sure their credit and or identity were not compromised. Let's say your employee lost a laptop with 5,000 client names and social security numbers (or some other private information). The cost to mail would be in the $3,000 range alone not considering the time involved. If credit reporting was mandatory of offered it could be an additional $125,000! 

Whether you are required to carry Network Security and Privacy Insurance or not, it may be time to consider adding it to your coverage portfolio. Every business seems to have some exposure to data compromise. Your laptop may not look like a million dollars, but you would be surprised of it's true value... Please consult with us if you have any questions on this or other risk that your business faces.