Here come the holidays, and the hackers

store-credit-card-worthWhen the weather cools off, the snow flakes begin to appear in the air, and the retail stores are decked out in green bows, red ornaments, and silver tinsel. Big-ticket consumer purchases drive the big retailers towards profitability, and hacker stories dominate the news.

Last year, it was Kohl’s who lost millions of credit card numbers in an infamous data breech.  Hackers stole the personal data of Kohl’s customers, and of Target customers too.  Between November and December of 2014, about 450 million dollars worth of damage was done to the two retailers–and I was among the millions of consumers affected. You probably were as well.

The perennial barrage of hack attack news stories and subsequent replacement debit cards and credit cards serves to remind us all of something very important: digital fraud is very real, and it affects everybody.

So how can small/medium business owners and managers protect their own systems from the fraud, snooping, and impersonation hackers do? We all know the obvious stuff–like using anti-virus solutions and properly configuring an Internet firewall appliance, but how else can we take a strong posture against digital fraud?

First, if you run in-house servers, or if your company uses the Internet for any portion of its work (and what company doesn’t?), you should be utilizing a managed services solution such as Best Technology’s Sentinel.  This takes the diagnostic burden out of your server room and allows us to catch denials of service on your systems sooner than any other solution.

Second, make sure your computer users are engaged in a very strongly worded Acceptable Use Agreement. This type of employee covenant document defines what type of computer use is OK, and what kind is prohibited.  Not all employees may realize that using social networks, for instance, actually gives rise to security problems–unless you spell it out for them.  We can assist you in creating this important compliance document.

Third, choose software solutions that don’t require your employees to have any administrative rights in order to use them. Most of our clients who experience security issues and malware problems are stuck with software that won’t run correctly unless administrative rights are permitted for the software’s users.  This is a huge problem, because malware programmers and hackers can use this situation to very easily con users into executing malicious programs.  By selecting solutions that don’t require administrative rights, you can just about eliminate this type of security risk.

These are really just best practice tips–and there are more of them.  Give us a call to find out how to lock down your systems and save yourself the hassle, expense, and litigation associated with a data breech.