Fractional CFO's, Controllers and Accounting Services since 1998

Building a Security-Aware Culture

Written by Jay Kiel, President at Lockmann Krane International

Today’s business world is driven by information technology.  It is the lowest common denominator across most industries.  Organizations plan, make decisions, and succeed using the valuable data stored in their technology solutions.  Your ability to protect this data is paramount.


Three data security priorities to keep in mind:

  1. Phishing:  These attacks can be simple and obvious, or subtle and devastating.

  2. Updates and Patching:  In other words, good network hygiene!

  3. Data Backups:  Without them, you could be out of time, money, business, or worse: all three.

Phishing

Phishing is a fraud technique.  It attempts to lure you into disclosing your own data to an unauthorized party.  The goal is usually short-term financial gain, but a successful attack can lead to identity theft or even compromise your entire network.

What are offenders looking for?

  • Names, addresses, phone numbers

  • Social security numbers

  • Usernames

  • Passwords

  • PINs

  • Account numbers

  • Other personal information

What does phishing look like?

Phishing emails are harder to recognize than before.  Suspicious messages with fuzzy logos and “You won!” subjects are less common.  Modern criminals phish with real logos, use your name, and may even offer a way to “verify this urgent matter”.  Emails can also appear to be from people or companies you know.

Phishing emails may include:

  • Account closure threats

  • Requests for funds

  • Disguised links

  • Attachments

  • COVID-related information

You should NEVER:

  • Reply

  • Provide personal information

  • Click any links

  • Open any attachments

If you are unsure of an email, contact your IT department for help.


Updates and Patching

Updates optimize your network, fix bugs, and maintain security.   When your system is not patched and updated, you not only run the risk of poor performance – you increase your vulnerability to malicious programs.  Verifying that updates are downloading and installing properly lessens this risk.

Software plug-ins (such as Java and Adobe Reader), operating systems, applications, and even Microsoft Office all rely on updates.  By keeping your system patched, you keep things running smoothly while reducing your network’s attack surface.

Data Backups

Taking preventative measures is essential to protecting your information.  You also need to secure backup copies of your data.  If your system is compromised, a backup can prevent a total loss of your critical files, documents, and settings.  

Always have three copies:

  1. A copy on your computer or network

  2. A local copy (for rapid restore)

  3. An offsite or cloud copy (in case of a facility-level problem, such as flooding, fire, etc., that prevents access to your other copies)

The backup system should be monitored and tested regularly to ensure it is backing up all critical data properly.
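One way to test the three-copy rule above, as an added example that is not part of the original article: the script hashes every file in the working copy and reports any file that is missing from, or differs in, the local or offsite copy. The function names, folder names, and sample files are assumptions constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large backups do not need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_copies(primary: Path, copies: dict[str, Path]) -> list[str]:
    """Compare every file under `primary` with each backup copy.

    Returns a list of problems; an empty list means every copy is complete.
    """
    problems = []
    for src in sorted(p for p in primary.rglob("*") if p.is_file()):
        rel = src.relative_to(primary)
        expected = sha256_of(src)
        for name, root in copies.items():
            candidate = root / rel
            if not candidate.is_file():
                problems.append(f"{name}: missing {rel.as_posix()}")
            elif sha256_of(candidate) != expected:
                problems.append(f"{name}: content differs {rel.as_posix()}")
    return problems


def demo() -> list[str]:
    """Constructed sample: three temp dirs stand in for the three copies."""
    with tempfile.TemporaryDirectory() as tmp:
        base = Path(tmp)
        primary, local, offsite = base / "primary", base / "local", base / "offsite"
        for root in (primary, local, offsite):
            (root / "finance").mkdir(parents=True)
            (root / "finance" / "ledger.csv").write_text("2024-01,1000\n")
        (primary / "payroll.xlsx").write_bytes(b"constructed sample")  # never backed up
        (offsite / "finance" / "ledger.csv").write_text("2023-12,900\n")  # stale copy
        return verify_copies(primary, {"local": local, "offsite": offsite})


if __name__ == "__main__":
    for line in demo() or ["all copies match"]:
        print(line)
```

A reported difference can mean a stale or a corrupted copy, so either case deserves a look. A matching hash does not replace a periodic test restore.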

Building a Security-Aware Culture

You’ll need your team on board, too!  Educate and empower your staff to recognize security threats.  When you promote awareness of these threats, you embed security in their minds.  You can build a Security-Aware Culture that enables your team to work together in the pursuit of protecting the information that keeps you in business.  Computer gear can be replaced.  Programs can be reloaded.  Your data is irreplaceable.