The FBI’s Internet Crime Complaint Center reported that in 2018 financial losses due to internet crimes, data breaches, fraud, and extortion increased by more than a staggering 90 percent. But criminals always prey on the most vulnerable. Boosting security can be an effective deterrent, and businesses that take security seriously can help protect themselves from the disastrous impact of such crimes.
Credit cards remain a favorite target of thieves, and demand for stolen credit and debit card data spiked last year. But approximately 70 percent of these breaches are due to a lack of PCI compliance. Following PCI-compliant standards for payment systems can dramatically increase security and reduce the threat posed by criminal hackers. Credit card processing should also be secured with technologies such as Level 3 processing, data encryption, and tokenization. Even if there is a data breach, for instance, encrypted information is unreadable by thieves.
Businesses can also take advantage of cloud-based security measures to avoid loss of valuable data. Unexpected loss may occur due to criminal interference or because of power outages, fires, floods, and hurricanes. But a secure cloud-based backup system can store data beyond the reach of those threats. If an office loses its on-site data, the business can still function by simply accessing the cloud. Cloud storage may also thwart crimes of extortion, where hackers steal on-site data and then demand ransom in order to release it back to businesses.
Hard copies of confidential paperwork always represent a security risk. They can be misplaced, damaged, copied by unauthorized persons, stolen from the trash, or simply deteriorate over time. Safely store all sensitive paperwork under lock and key in a climate-controlled environment, and limit access to only trusted individuals. But a more manageable strategy is to transfer those archived paper documents to digital format. That reduces the threat and also makes it much easier and faster to store, access, search, and share those documents.
If data is being shared or outsourced with third parties such as vendors, make sure they also observe strict security protocols. When transmitting sensitive data, encrypt it beforehand. There are many newer encryption software programs that can be used for communications including emails and text messages. That level of security can be extremely valuable – particularly for doctors, lawyers, accountants, or any business communicating confidential information.
CIS Critical Security Controls is a list of cyber defense recommendations compiled by the experts at the NSA and national law enforcement agencies. The list is constantly updated, based on new threats. The National Cybersecurity and Communications Integration Center (NCCIC) also offers timely alerts regarding cyber security, system vulnerability patches, and current best practices. Subscribe to their notices and utilize their resources and depth of expertise to bolster business security.
According to Harvard Business Review, the ultimate line of defense is employees who are trained in business security practices. An alert employee will often detect suspicious activity to avert a crime before it happens. Develop a security checklist and response plan and then teach administrators and other employees how to follow it. The best investment in security is an investment in personnel training and preparation.