December 22, 2016

12 Days of Security: This Year’s Leading Security Concerns and Solutions

The festive season is well underway and while many employees will soon be taking time off, the importance of data protection never takes a holiday.

Here are 12 days of leading online security concerns and solutions:

Day 1 - Phishing Emails  

On the first day, make sure employees know that phishing is one of the top scams of the season. Verizon’s 2016 Data Breach Investigations Report showed that 30% of phishing messages are opened and 13% of those are clicked to open malicious attachments or links. Watch out for fake purchase invoices, shipping notifications and surveys – and delete.

Day 2 - Social Media Shares

On the second day, be wary of posting office vacation schedules, personal travel dates, and other confidential ‘news’. Information thieves use social media to research people and places for identity theft crimes.   

Day 3 - Employee Errors

On the third day, address the fact that employee error (and malicious insiders) still account for almost two-thirds of security incidents, according to the Second Annual Data Breach Industry Forecast. For year-round data security, implement a culture of security and provide on-going security training.

Day 4 - Passwords  

On the fourth day, start following good password hygiene. The Verizon report showed that 63% of data breaches involve weak or stolen passwords.  

Day 5 - Confidential Information

On the fifth day, ask employees if they really need to take home a USB flash drive containing confidential data over Christmas? The 2015 Data Protection & Breach Readiness Guide recommends that organizations audit, inventory, and address all removable devices.

Day 6 - Unauthorized Apps

On the 6th day, remind employees that cyber attack incidents resulting from downloaded software applications continue to escalate. Equip devices with security software, and restrict the practice.

Day 7 - Encryption 

On the 7th day, be sure all mobile devices have encryption. According to the 2016 Shred-it State of the Industry Report, encrypting all electronic devices is an important step in securing information from attackers.

Day 8 - Public WiFi

On the 8th day, teach employees that when using public WiFi, any information sent over the internet will be even more vulnerable to information thieves. Protect online security by restricting WiFi usage on company-provided mobiles devices.  

Day 9 - Lost Mobile Devices

On the 9th day, educate employees about other mobile device best practices. What’s most important is to never leave mobile devices unattended in cars and public places.

Day 10 - Visible Risks  

On the 10th day, make sure employees remove and lock up confidential information before leaving for the holidays. Implement and enforce a Clean Desk Policy.

Day 11 - Internet of Things (IoT)  

On the 11th day, remind everyone that IoT connectivity and points of vulnerability just keep growing. Emphasize risk management and security in the workplace and with third party vendors.

Day 12 - Document Disposal 

On the 12th day, be sure information that is no longer needed is securely destroyed. Information thieves target legacy and stored media as well as garbage and recycling bins. After the holidays, bring confidential paper and digital documents back to the office for secure disposal and destruction. Physical destruction permanently destroys data on paper and hard drives.

Start the New Year right by making sure your organization is up on all the latest data protection best practices.