Data breaches in 2016 were at an all-time high, sparking many businesses to develop legitimate concern about the coming year. For that reason, business security is a big priority, particularly for any organization that stores card information and for businesses aligned with the healthcare field.
According to an Identity Theft Resource Center report from December 2016, general businesses experienced the most overall breaches, but healthcare organizations saw the most amount of data actually compromised. Of the 980 breaches that occurred in 2016, 44% of the breaches occurred in businesses, while only 16% of the exposed records came from that industry. In the same timeframe, 36% of breaches occurred in healthcare, while almost 44% of compromised records originated from the industry.
But breaches have occurred across multiple industries, some of which exposed highly private and significant information. According to Identity Force, organizations to suffer breaches in 2016 included the U.S. Department of Justice, UC Berkeley, SnapChat, LinkedIn, Wendy’s, and even the Philippine Commission on Elections.
Needless to say, we all have good reason to be concerned, which begs the question: how do we protect ourselves?
For individuals, the steps are simpler.
- Don’t store credit card information.
- Don’t use any swipe card options.
- Complicate your passwords.
- Back-up data regularly and store it in a secure location.
- Don’t click links in unfamiliar emails.
There are more, but the general gist is: be suspicious and avoid predictability.
For business security, the process is decidedly more complicated. Below are some important steps for any business owner to protect from data breaches in the coming year.
Know the Enemy
One important step is to know the threat you’re facing. As a business owner, you need to be hyper vigilant about trends in breaches, types of malware, vulnerable software, etc. One of the biggest threats in 2016 that is predicted to carry over into the New Year is ransomware. This malware gets into your computer and essentially holds your data hostage until you make a payment to the cyber hijacker. They will then give you a code to access your device again.
Other specific forms of malware are being developed all the time. Trojans are an old method, but still true, though most are smart enough not to click on links contained in suspicious emails. Still, it happens. You have to be aware of the type of bug you’re facing to be able to effective prevent it from harming your system or accessing your data.
Protect Your Business
Once you’ve come to understand the threats you face, protecting your business from data breaches starts with preventing access. The standards of good business security apply here:
- Establish a strong firewall
- Keep an IT professional on-staff to constantly monitor for infiltration
- Encrypt where possible
- Maintain PCI Compliance
- Be suspicious of open source applications
For some industries, these basics are the first place to focus time and money. Small businesses and certain industries especially have been known to invest less time and money in business security in the past, but the technology and the resourcefulness of cybercriminals is only growing worse. Make sure you’re not the easy target or a doorway for a larger prize. Both can be costly.
The next step is to use your knowledge of specific threats against your attackers. For ransomware, the best solution is to keep constant backups that are regularly updated, particularly for precious information you cannot lose. Data that is not hooked up to an internet outlet is much less vulnerable than data on any device connected to a computer. Get into the habit of backing up information and you won’t have to pay to access your files, as you can restore and start fresh.
For threats like basic malware, train your staff to effectively recognize and avoid certain threats. Use your firewall to prevent access to harmful sites and restrict your employees to only those sites you know are not going to be harmful. If your staff is aware and your internal systems primed for the possibility of data breaches, you can better prevent infiltration.
Finally, one big aspect for 2017 is mobile access and infiltration. According to a Lookout and Ponemon Institute report, 67 percent of the organizations involved in their survey reported that data breaches could be traced back to access by their employees via a mobile device. Because of how popular mobile devices have become, businesses in every industry will need to step up their mobile access security, which may include new software and more training.
Business security technology will be vital in 2017 for any business owner who wants to avoid looking like an easy mark for cybercriminals. By investing in your security software and hardware solutions, you can remove your vulnerabilities and convince the criminals to look elsewhere for a less savvy target.
About the Author – Ashley Choate is a native of Jacksonville, FL where she lives with her son, dog, and three cats. She graduated Magna Cum Laude from Jacksonville University with a BA in English and holds an MAED in Adult Education and Training. She lives for reading and writing, learning and teaching, and figuring out the day-to-day traumas and joys of mommyhood. .
Top Photo Courtesy of Google CC.