While many companies have some security protections in place to prevent financial and data losses, here are three things you should be doing to protect your company and prove to your customers you are doing everything you can to keep their data safe:
#1 Don’t allow employees to access company data with personal devices that aren’t monitored and secured by YOUR I.T. department.
The use of personal and mobile devices in the workplace is exploding. Thanks to the convenience of cloud computing, you and your employees can gain access to pretty much any type of company data remotely; all it takes is a known username and password.
Employees are not even asking if they can bring their own personal devices to work (BYOD) and are using their smartphone for just about everything. Unfortunately, this trend has DRASTICALLY increased the complexity of keeping a network – and your company data – secure.
In fact, your biggest danger with cloud computing is not that your cloud provider or hosting company will get breached (although that remains a possibility). Your biggest threat is that one of your employees accesses a critical cloud application via a personal device that is infected, thereby giving a hacker access to your data and cloud application. So if you ARE going to let employees use personal devices and home PCs, you need to make sure those devices are properly secured, monitored and maintained by a security professional. Further, do not allow employees to download unauthorized software or files.
One of the fastest ways cybercriminals access networks is by duping unsuspecting users to willfully download malicious software by embedding it within downloadable files, games or other “innocent”-looking apps. Here’s the rub: most employees won’t want you monitoring and policing their personal devices; nor will they like that you’ll wipe their device of all files if it’s lost or stolen - but that’s exactly what you’ll need to do to protect your company.
Our suggestion is that you only allow employees to access work-related files, cloud applications and e-mail via company-owned and monitored devices, and never allow employees to access these items on personal devices or public WiFi.
#2 Don’t Scrimp On A Good Firewall.
A firewall acts as the frontline defense against hackers blocking everything you haven’t specifically allowed to enter (or leave) your computer network. But all firewalls need monitoring and maintenance, just like all devices on your network or they are completely useless.
This too should be done by your I.T. company as part of their regular, routine maintenance.
#3 Protect Your Bank Account.
Did you know your COMPANY’S bank account doesn’t enjoy the same protections as a personal bank account?
For example, if a hacker takes money from your business account, the bank is NOT responsible for getting your money back. (Don’t believe me? Go ask your bank what their policy is on refunding you money stolen from your account!)
Many people think FDIC protects you from fraud; it doesn’t. It protects you from bank insolvency, NOT fraud. So here are 3 things you can do to protect your bank account:
First, set up e-mail alerts on your account so you are notified any time money is withdrawn. The FASTER you catch fraudulent activity, the better your chances are of keeping your money. In most cases, fraudulent activity caught the DAY it happens can be stopped. If you discover even 24 hours after it’s happened, you may be out of luck. That’s why it’s critical that you monitor it daily and contact the bank IMMEDIATELY if you see any suspicious activity. Second, if you do online banking, dedicate ONE computer to that activity and never access social media sites, free e-mail accounts (like Hotmail) and other online games, news sites, etc. with that PC. Remove all bloatware (free programs like QuickTime, Adobe, etc.) and make sure that machine is monitored and maintained behind a strong firewall with up-to-date anti-virus software.
And finally, contact your bank about removing the ability for wire transfers out of your account and shut down any debit cards associated with that account. All of these things will greatly improve the security of your accounts.
When it comes to protecting your patient data, these three things are just the tip of the iceberg.
Here are 7 Urgent and Critical Protections Every Healthcare Organization Must Have in Place NOW to Protect Themselves From the Tsunami of Cybercrime.
