By Brian McGinley,
On this blog we’ve talked about security as a path taken, rather than a destination reached. Over the next three posts we’re going to look at 21 concrete steps to walk down that path.
Reviewing these recommend steps will help you better understand the risks posed to your business.
1. Understand Your Threat Environment—Operating Risk vs. Fraud
With so many scam artists and identity thieves infiltrating the web these days, I’ve learned to become extremely suspicious of any emails, Facebook messages and direct “tweets” requesting personal identifying information. I automatically filter all spam messages and delete any and all online communication requesting my Social Security number, bank account information or credit card number. If anyone needs my information that badly, they can just call me.
But recently, my ID theft radar made a false assumption—and I don’t think I’m alone.
By Matt Cullina,
I just returned from a business trip to Puerto Rico, where the government took precautions and declared a state of emergency to prepare for tropical storm Emily.
Though Emily brushed past the island, weather forecasters are watching to see if it will pose a significant threat to Florida.
Government officials and relief agencies aren’t waiting for a news bulletin to prepare for the worst—even if Emily fades and it’s only an exercise in caution.
Meteorologists expect this to be an above-average hurricane season, according to a from NOAA’s Climate Prediction Center.
Intelligent businesses walk the security journey every day, whether management models security-smart behavior in the office or IT stays abreast of the latest technology developments. But for newcomers those first steps can feel like major leaps, especially if it involves getting coworkers, employees and executive management on the path.
Discussion prompts action, and I’ve found over my years in corporate management and data security that these four simple questions can often get the ball rolling: (more…)
The recent revelations regarding the outrageous escapades of certain News Corp. subsidiaries, and the employees thereof, have been so scandalous as to capture and dominate the attention of the worldwide media for several weeks. For once, most Americans began to follow business news with the obsessive fascination normally accorded “Jersey Shore” and “Keeping Up with the Kardashians.”
This story has everything: the resignations and apparent bribery of high Scotland Yard officials; the arrest of very prominent editors and “journalists”; and the amazingly brazen invasion of the privacy of the Prime Minister of England. But it doesn’t just involve prominent names like David Cameron or Gordon Brown or even Rupert Murdoch (probably the most famous and powerful of the three.) It involves the invaded privacy of both fallen and returning soldiers and their families, the compromise of the sanctity of a child’s medical records, the attempted bribery of American law enforcement officials to obtain access to cell phones of the September 11 dead; and even, most pitifully, the manipulation of family members of an abducted 13-year-old girl who were misled into believing that their daughter was still alive because her cell phone messages were erased after her abduction—and of course after her death. (more…)
Two CD-ROMs containing the private information of 34,000 investment clients of Morgan Stanley Smith Barney still have not been found, but the controversy over who’s to blame for the data breach continues to grow. In statements to Credit.com, Morgan Stanley and the New York State Department of Taxation and Finance blame each other for the mess.
“We were notified by the state that the package appeared to be intact when it arrived at the facility, however the discs were not contained in it when it was given to the intended recipient” inside the department, Jim Wiggins, a spokesman for Morgan Stanley Smith Barney, told us.
If you use online or mobile banking, you may be interested to know six federal regulators teamed up recently to make your accounts more secure. New rules from the Federal Financial Institutions Examination Council (FFIEC) require banks to take extra steps to make sure that the person signing into your account is actually you.
The rules require banks to apply the same anti-fraud measures used for bank websites to mobile devices. They also include surprisingly frank descriptions of the big risks inherent to any mobile or online bank transaction.
Data breaches are an everyday occurrence affecting millions of Americans each year.
They’re all vulnerable to identity theft and other fraud because their personally identifiable information (PII), such as a birth date or Social Security number, for example, was exposed. That information could be used to commit financial fraud.
What should you do if this happens to you? The first step is to call your insurance company or bank to see if you qualify for . We’ll help you assess your risk and, if warranted, take steps to make you less vulnerable.