Entries with tag data security .

Protect Your Data

Somewhat shockingly, a recent study suggests that the data integrity of Internet users may be less secure than they think.  Consider the fact that 21% of Internet users reported having a social media or email account compromised.  Worse, 11% of online users have had personal information stolen such as a social security number, bank account information, etc.[1]  As such, we felt that a timely reminder on how to keep your data secure was in order.

Protect Your Password

We’ve all heard it time and time again.  Choose a strong password, change it frequently, and don’t select security questions that anyone with access to your Facebook profile could answer.  So, how do you choose a strong password?  Author Farhad Manjoo recommends that you select a phrase that’s easily remembered.[2]  For example, Disney World is my number one favorite vacation spot.  By taking the first letter of each phrase, this could easily be converted to DWimn1fvs.  Talk about a difficult password to hack!

Keep Your Virus Protection Software Up-to-Date

Just last year the Environmental Protection Agency had a security breach affecting nearly 8,000 users.  The breach included Social Security numbers, home addresses, and bank account information, and was caused by an email attachment with a virus.[3]  It’s easy to let virus protection software expire—offering no protection at all—or to allow virus definitions to become out-of-date.  Make sure that your software is constantly running in the background and that you are using the latest security patches.

Always Create Backups

Creating backups and storing them in the cloud is a great way to ensure that even if the worst occurs, you can still access your important files.  Contact us to learn more about disaster recovery and cloud storage services.  You can store and retrieve your files in a snap and never have to worry about losing important files again.

In short, you never want to take your data security for granted and preventing data leaks doesn’t have to be complicated.  With simple steps like these, you can avoid becoming a victim of identity theft, saving yourself lots of time, money and headaches.

Security Ultimately Depends on Trust

The growth of cloud computing is making people think harder about security—that’s not a bad thing.  Organizations need to know that their cloud provider can be trusted to store their data securely and comply with any regulations their business may be subject to.

Technical protection measures depend on two pillars—Access and Identity Management (AIM) to ensure that only authorized users are allowed onto the network, and encryption to make the data unusable if it is intercepted at any point.  These rely on long passwords and security keys because the computing power needed to crack them increases exponentially with the number of characters—this leads to an endless race to stay ahead of computing power.  For example, recently it was announced that security services used powerful computers to crack the AES 128-bit encryption that was generally regarded as the gold standard for securing data.  Now, security has moved on to 256-bit and 923-bit encryption.  Amazingly, even the 923-bit encryption was cracked in 2012 by Japanese researchers, but it required cutting-edge supercomputers and took them 148 days.

Encryption depends on treating your data as a series of numbers and performing predictable mathematical operations on it using other numbers, known as keys.  Someone has to issue and store the keys and the process is vulnerable to impostors intercepting that process (man-in-the-middle-attacks).  Often the computing power required means that the encryption process takes place in the cloud, so your data has to be stored in the clear while it happens.  The Edward Snowden news reminds us that the technicians have access to everything, so it’s important to choose a cloud provider you can trust.

At Scisbo, our partners understand our customers' security, regulatory, and compliance obligations.  Their operations are audited annually by multiple independent firms to comply with SOC, PCI, HIPAA, FISMA, and other regulatory bodies.  Their data centers are covered by dual-standard SSAE 16 and ISAE 3402, SOC 1 Type II, SOC 2 Type II, and SOC 3 reports.  Each facility complies with the PCI Data Security Standard for physical security, information security policies, and managed firewall service; they also comply with HIPAA and NIST 800-53 for environmental and physical security controls.  Additionally, they register annually for adherence to the US-EU Safe Harbor Privacy framework.  All of this means that you can rely on our partners' security.  To learn more, contact us—we’ll help you secure a cloud provider you can trust.

What hybrid clouds can do for your business

Many companies are looking at the possibilities of cloud IT systems but are not ready to take the big step of committing their whole business to cloud providers.  Hybrid cloud architectures, in which the existing in-house systems remain but are extended using add-ons in the cloud, can be a useful way to try out cloud services.  However, hybrid cloud is increasingly being seen as the ideal cloud architecture for the long term, rather than just as a step along the way to using only public cloud services.

Cloud services bring benefits of flexibility and scalability as servers, data storage and other facilities are shared between a number of users.  Your businesses can benefit from the service provider's IT skills in managing a virtualized infrastructure that reduces costs and carbon footprint.  However, some users have concerns about privacy and security.  Hybrid clouds offer the best of both worlds—critical data and applications are kept on your premises while low-cost public cloud services are used for more run-of-the-mill applications such as data storage and archiving.

New management tools allow the service provider and your IT manager to collaborate and to manage pooled resources so that you can extend the same applications, networking, management, operations and tools across both on-premises and off-premises environments with no modifications.

In addition to achieving the ideal balance of data security and cost reduction, hybrid clouds allow IT infrastructure to be scaled dynamically to match the workload.  This makes it easy to cope with short term peaks in demand such as during special events or promotions.  It also becomes possible to add new features, such as mobile access, without disrupting the on-premise systems.

5 Suggestions for Preventing Security Breaches

Following the recent Target data hack, now is a good time to evaluate your business’ data security.  For instance, there are some troubling statistics on how data breaches affect small businesses.  Did you know that 71% of security breaches target small businesses?[1]  And unfortunately, 70% of small firms that experience a data breach go out of business within one year.[2]  Most small business owners don’t take the threat of data security breaches seriously.  However, Lynn LaGram, assistant vice president of small commercial underwriting at The Hartford, says, “As cybercriminals set their sights on smaller firms, it is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach.”[3]  Some suggestions:

Encrypt Data.  According to a recent study, 60% of businesses that had security breaches didn’t encrypt their data.[4]  Make sure your data is encrypted but don’t rely on that alone.  Although encryption is useful, it isn’t fail-proof. 

Hire a Pro.  An objective third-party security firm can provide you with an unbiased take on where the risks lie and what data security measures you need to follow.

Ask Only for What You Need.  Don’t collect information from consumers that you don’t require.  And reduce the number of places where your data is stored.  While you’ll always want to have a backup, you don’t want to increase risk by storing additional copies that aren’t necessary.[5]

Don’t Forget Your Employees.  While less common, data breaches also occur internally by employees, either accidentally or deliberately.  For this reason, employees should be on a need-to-know basis.  If they don’t require access to confidential information, it should be restricted.  Additionally, it’s a good idea to offer security training and to evaluate how employees are logging in remotely. [6]   

Screen Your Vendors.  Make sure that your vendors use best practices for managing confidential data.  Vendors who have access to your customer base’s confidential information should have systems and policies in place to avoid breaches.  If a vendor has a security breach, your customers will still hold your business accountable.  This is what happened to Target which, “found that hackers stole credentials from a vendor to access [its] systems and pilfer about 40 million debit and credit card numbers…”[7]

4 Tips for Protecting Yourself from Identity Theft

In light of Target’s recent disclosure that debit and credit card information from 40 million users was stolen this holiday season,[1] now seemed like an appropriate time to discuss how to protect yourself from identity theft.  While unfortunately, you can’t vet all retailers to find out how likely your personal information is to be hacked, you can take steps to minimize the likelihood of identity theft.  Our tips:

  1. Be Alert to Phishing

Phishing occurs when an illegitimate website mimics a real one, trying to obtain personal information.[2]  Spam or ad pop-ups are often used in phishing scams.  Before entering any information of a confidential nature, make sure you’re on a familiar website with security in place (look for the https, indicating your data is encrypted).

  1. Manage Your Passwords

It can’t be said often enough—a strong password contains a combination of lowercase and uppercase letters mixed with numbers.  Passwords should be site-specific, meaning they are unique on each site you visit.  And if you use a public computer to access the Internet, make sure that you log out of any website that you visit and clear your cookies.

  1. Guard Against Theft

Laptops, cell phones, and tablets are prime targets for thieves.  Make sure that you secure them appropriately and use a strong password on these items as well.

  1. Monitor Your Banking and Credit Card Transactions

Scan your banking and credit card statements for any suspicious activity.  While you can wait for a paper statement, it’s also easy to log in to your account periodically and review your transactions online.  Obviously, the more frequently that you’re checking these items, the less damage is likely to occur.

While we hope that you’re never a victim of identity theft, fortunately your liability is limited.  Your maximum liability for credit card theft is $50.  The same applies for your debit card if you report the theft within 2 days of your card being stolen.  With this in mind, it’s important to be proactive to prevent identity theft but if the worst occurs, know that your financial loss will be relatively small.

— 5 Items per Page
Showing 1 - 5 of 7 results.