1-888-643-2217 Email ABEX
Keeping you updated

Monthly Archives: October 2014

Guard Your Data When Using Mobile Apps

app_icon_applicationsApps can do pretty much anything—they can find the best local restaurants, chart the quickest routes through snarled city traffic and track weight loss. Unfortunately, they can also steal your data.

In order for apps to do the convenient, beneficial things they do, they use customers’ personal information, such as physical location, contact details and passwords. Unscrupulous data thieves can steal your employees’ devices and gain access to this valuable information, or they can siphon it through a rogue app that your employees downloaded without knowing it was malicious. Hackers do this by adding their own illegitimate elements to a popular app and then offering it for free on a ‘bulletin board’ or through a fake online store. Once employees download the phony app, hackers may have unfettered access to their devices.

To help thwart data theft attempts, encourage your employees to follow these tips for securing personal information when using apps:

  • Download apps only from official, trusted stores. Be extremely wary of apps from unknown sources.
  • Read the information about an app in the app store before downloading it. Verify that you are comfortable with the amount and type of personal information it will be using.
  • Clear out unused apps regularly—inactive apps are an open invitation to thieves. If you no longer use an app, uninstall it.
  • Install mobile security software to defend your device.
  • Erase any apps from the device before you recycle, resell or donate it, since they may have access to your personal information. Activate the “factory reset” option in the device’s settings.

 

© 2014 Zywave, Inc. All rights reserved.


43% of companies had a data breach in the past year

Cyber CrimeSource: www.cnbc.com

A staggering 43 percent of companies have experienced a data breach in the past year, an annual study on data breach preparedness finds.

The report, released Wednesday, was conducted by the Ponemon Institute, which does independent research on privacy, data protection and information security policy. That’s up 10 percent from the year before.

The absolute size of the breaches is increasing, said Michael Bruemmer, vice president of the credit information company Experian’s data breach resolution group, which sponsored the report.

“Particularly beginning with last quarter in 2013, and now with all the retail breaches this year, the size had gone exponentially up,” Bruemmer said.

He cited one large international breach few Americans have even heard about. In January, 40 percent of South Koreans—a total of 20 million people—had their personal data stolen and credit cards compromised.

The breach was caused by a worker at the Korea Credit Bureau, which provides credit scores to Korean credit card companies.

While shadowy hackers in Eastern Europe often get the blame for these attacks, more than 80 percent of the breaches that Bruemmer’s group works with “had a root cause in employee negligence,” he said.

“It could be from someone giving out their password, someone being spear-phished, it could be a lost USB, it could be somebody mishandling files, it could be leaving the door to the network operations center open so someone can walk in,” he said.

Despite the rise in breaches, 27 percent of companies didn’t have a data breach response plan or team in place, though that’s down from 39 percent who didn’t have them in the previous year’s survey.

Even in companies that have breach plans in place, employees aren’t convinced they will work. Only 30 percent of those responding to the survey said their organization was “effective or very effective” at creating such plans.

One reason might be that few companies seem to take the need seriously. Of the companies surveyed, just 3 percent looked at their plan of action each quarter. Thirty-seven percent hadn’t reviewed or updated their plan since it was first put in place.

The statistics don’t surprise Ted Julian, chief marketing officer with Co3 Systems in Cambridge, Mass. His company does cyber incident response management.

“Most organizations, and I’m only talking the sophisticated ones, have done a little but it’s not enough,” he said.

Breaches are now just a part of life and yet when they happen too often companies pull out “a dusty incident response plan that hasn’t been touched in two years,” Julian said.

The survey was conducted in 2014 and included 567 U.S. executives, most of whom reported to their company’s information security officers.


Is Your Website Secure?

Best Internet Concept of global business from concepts seriesIn the wake of several high-profile cyber security scandals and the widespread Heartbleed security bug, website security is more important than ever. Without a concerted effort to safeguard your business’ website, you risk losing money due to relentless cyber attacks.

Because hackers are constantly searching for new website vulnerabilities and engineering new viruses, website security should be a round-the-clock concern—the threat will never ebb. The consequences of weakening your stance on website security, even for a second, can be disastrous: loss of revenue, damage to credibility, legal liability and broken customer trust.

Web servers, which host the data and other content available to your customers on the Internet, are the most targeted and attacked components of a company’s network. Some specific security threats to Web servers include the following:

  • Cyber criminals may exploit software bugs in the Web server.
  • Attackers can disable a network by flooding it with information.
  • Hackers may secretly read or modify sensitive information on the Web server.
  • Criminals could gain unauthorized access to resources elsewhere in your business’ network following a successful attack on the Web server.

To avoid similar threats to your website’s security, follow the steps listed below:

  1. Develop and implement a data breach response plan.
  2. Ensure that the Web server operating systems and applications meet your organization’s security requirements.
  3. Publish only appropriate information.
  4. Prevent unauthorized access or modification on your site.
  5. Protect and monitor Web security at all times.

Rely on ABEX for expert, timely guidance on cyber security.

 

 

© 2014 Zywave, Inc.


Blog

FOLLOW OUR BLOG

Receive notifications of new posts automatically.



ABEX - AFFILIATED BROKERS EXCHANGE IS ON FACEBOOK.

Like us on Facebook

Connect with us on LinkedIn