Kevin J Goodman
There are 1,001 ways to rob the bank. You have to come up with 1,002 ways to prevent it. When it comes to cyber security, the small shops seemingly fare better than their bigger brethren. The old adage of “The bigger you are, the harder you fall” seems to hold true in cyber security (at least in the press reporting), as larger stores seem to have more to lose and are a higher-profile target. Still, many studies show that approximately 75 percent of data breaches occur outside of large enterprise environments.
If you or your company is a victim of fraud, you want to limit your exposure and ensure that your bank and others are on your side. Know your bank and its policies. Shop around for cyber protection, not just interest rates. Your liability limit for credit vs. debit card is a consideration that must be understood. Although there is really no one-size-fits-all, effective short list of checking a proprietor or how to behave in the digital era, it is wise to look for and be a company that exhibits best practices. The best defense in controlling your destiny around cyber and mobile security is to clearly understand and know your risk exposure. As a culture, we trust that, while impulse buying, our information and transaction is secure. The truth is we never know. Think of the adage, “Nothing is truly free,” including mobile apps. Be mindful of the personal information you give mobile app providers. Many free apps sell your information to a wide range of companies, some of which may have malicious intents. Studies have shown most apps do not have many, or even any, security controls built in. Check privacygrade.org to see if the app you want respects your privacy and has security built in.
Be smart about ‘smart’ devices
Be cautious with new “smart” devices. A wide range of new and unique gadgets — from socks to smart cars — connect you directly to other entities (and even to the Internet) to automatically share information about your activities, location, and personal characteristics. Before using such devices, know which data they are collecting, how it will be used, and with whom it will be shared.
Think before you write
There is much that we can do on our own side to assure privacy, security, and mitigate risk. The fact is every person is vulnerable to hackers, as evidenced by the reputation damage suffered by several Sony Pictures executives whose emails were leaked to the public. Things you may think are cute, funny or private, when exposed to a broader audience out of context, can paint a public picture of a person you are not. This can be disturbing and unfair. Remember: You should never put anything into an email – especially your work email — that you would not want the entire world to be able to see if that message is not encrypted.
Vendor trust becomes paramount as more services move to the cloud and risks increase. We simultaneously open our network perimeters to third parties. We are trusting more information to outside organizations, but we must trust and verify. You can’t outsource accountability. Be open to outsource to providers who are third-party audited and hold various certifications; do not run a cybershop on your own and without expert consultation and regular updates. Anti-virus companies offer software that will scan your website for malware and alert you of any breach. Entrepreneurs and consumers both could consider using security as a differentiator over their competitors. Car manufacturers tout how safe their cars are; businesses can lead with a commitment to security and privacy.
Kevin Goodman is the managing director, partner with BlueBridge Networks, a downtown Cleveland-headquartered data center business. He can be reached at (216) 621-2583 and firstname.lastname@example.org and via kevinjgoodman.com.