It’s a common myth that hackers only target large corporations. The fact is, only about 40 percent of breaches impact large organizations. Hackers don’t focus solely on the retail and banking industries either even though these are typically the most publicized. Unfortunately, every company is at risk, especially those who practice negligent data security. A recent study by Verizon’s 2016 Data Breach Investigation reveals that data breaches affect all sectors (38 percent targeted financial institutions, 22 percent retail, 20 percent manufacturing, transportation and utilities).
These universal tips could help keep you safe:
Create and enforce password policies
This one seems obvious, but even in 2016, 63 percent of data breaches are simply due to weak, default or stolen passwords, according to Verizon’s 2016 Data Breach Investigation Report. That online shopping outlet you like requires account passwords with eight characters and a number, doesn’t it? If you value data security, so should you, at the very minimum. Many IT providers recommend using 16-digit passwords.
Require frequent password changes (every few months) and conduct audits. Remember, policies are useless unless enforced. Yeah, passwords are terrible. But until they can be replaced with affordable biometric technologies, they need to be done right.
Audit third-party risks
If you outsource your IT or use a VPN:
- Steer clear of free VPNs; they monetize data by logging your activity and using it for marketing purposes
- Find trustworthy reviews before choosing a provider
- Ask about their security and privacy practices, and whether or not they cover data breach damages
- Conduct audits and assessments of your service providers
Implement multi-factor authentication where necessary
MFA is one of the most effective measures of preventing threats from gaining access to networks. MFA systems traditionally required physical keys, but today, employ many different, practical methods like sending an SMS (text message) to a user that expires after a short period of time. It’s important to note that MFA systems do not compensate for weak passwords.
Employ a “white hat” hacker to test company secuirty systems
White hat hackers help companies by finding holes in security before the bad guys do. Utilizing white hats is an increasingly common practice and can help show you where your security is lacking.
Create a plan of action in the case of a data breach
Understand your protocol. What policies and procedures are in place? What are the risks and how can they be mitigated? While preventing data breaches is imperative, eliminating all risks is nearly impossible. Being prepared in the case of a data breach is of equal importance to preventative measures.