It’s time to face a harsh reality: if you have information that has been stored online—from a retailer, bank, mail carrier, barbershop, whatever—it’s in danger of being stolen. Not life threatening “get to higher ground” kind of stuff, but it’s definitely worrisome as more and more reports show up every day of companies getting hacked and their customer data being stolen.
Here’s a hot tip for protecting yourself online: You can’t. Sorry.
If you do online bill paying, have ever purchased something from an online retailer, or even entered your information into a form somewhere, that stuff can and probably will be stolen at some point. That’s the world we live in now—at any time, someone can just hack into a company’s database and swipe all that sweet, sweet info to sell online for like a dollar per Social Security number or something ridiculously deflated. I’M WORTH MORE THAN THAT, DAMMIT.
Hospitals aren’t safe, major retailers aren’t safe, mail carriers aren’t safe…heck, your local traffic light is being hacked right now.
The best you can hope for is that the companies you trust with your info have the Terminator, Predator and the alien from Alien guarding their databases online—otherwise, you’re screwed, and there’s nothing you can do about it.
Think about it like this: You live in an apartment complex, with a giant wall surrounding the whole complex. You have your little apartment with all your stuff in it, and you have a lock on your door (a.k.a your password). If a thief gets over that wall, you might think, “Well, my locks will protect me,” but the thief is already still inside the complex and will eventually find their way into your apartment, whether it’s by a window or kicking the door down.
The main issue is that the “wall” needs to be better secured. Keep potential thieves on the other side of that wall and everything is cheery. Companies—especially those entrusted with important, personal information—need to take the steps to ensure the safety of that data.
There’s a few ways of going about making it harder for potential hackers to get in your system. For starters, limiting the amount of people who have access to your infrastructure is a great start. The majority of breaches come from phishing scams over corporate e-mail servers, where employees will openly give away their passwords and information to e-mails they believe are coming from other employees.
Most operating systems—especially those installed on servers—come with administrator privileges that allow the administrator to designate certain profiles to do certain tasks, as well as limit and monitor those profiles for any suspicious activity. Limiting the use of BYOD (Bring Your Own Device) to only vetted, important staff is a great way to keep security high, as people’s personal devices might be a bit more liberally used than company devices. Basically, dumb people shouldn’t be allowed access to important stuff.
Firewalls, frequently updated anti-virus software, and protocols in place for actual breaches can go a long way in securing your systems from the evils of the Internet (and the Russian hacking groups. And the Chinese hacking groups too).
Security is going beyond the server room and right into the board room, and as breaches happen more frequently, the top-level executives will begin seeing hits to their bottom dollar as customers take their business to other, more secure companies.
For more information contact Chris L.