It seems as if we hear about a major data breach every day, whether it’s a government entity, hospital or other medical institution, or a large retail outlet. Whether the breach occurs due to malware or a lack of external protections, companies are getting sloppy with their data.
In today’s highly competitive environment, all companies need to be proactive when it comes to protecting their customers’ confidential data. But the reality is, many companies aren’t proactive. They act as if a data breach won’t happen to them. They aren’t willing to spend the money or allocate the personnel to implement data protection and disaster prevention plans.
But this is not the smart decision. Many in the technology arena as well as the business arena advocate for making privacy protection a priority. If a business makes it a priority, it will stand out from the competition – and create long-term customers.
In the words of David Hoffman, Global Privacy Officer at Intel, “The added value of privacy is intrinsic no matter where your company sits in the digital economy. From consumer goods manufacturers to healthcare services entities, any business will benefit from proactively tackling privacy issues in one of three primary ways: protecting your brand, offering a competitive advantage from integrating privacy and security features into products and services, and creating new products and services designed to protect personal data.”
And don’t be naïve to think that if you are a victim of a data breach, no one will find out. There’s a website specifically for this purpose. The Privacy Rights Clearinghouse features a Chronology of Data Breaches and is updated on a regular basis – sometimes daily. The site’s tagline is “Empowering Consumers. Protecting Privacy.” Once you take a look, you’ll think of breaches differently.
Here’s the link: http://www.privacyrights.org/data-breach/new
There’s no doubt that a security breach can have a long-lasting impact on your organization, but your response time and quality of response can determine if your customers remain customers or choose your competitors. Don’t give them the option. Show them by your actions and your interactions (email, snail mail, text, phone call, etc.) that you value their privacy and will go the extra mile to protect their data. Don’t become just another statistic.
Make sure to change all your default passwords on all your web-facing devices such as routers. You’d be surprised how many people leave ADMIN and PASSWORD as their default logins and passwords. If not changed, this makes it very easy to break in to a system.
In addition, use multiple anti-malware detection systems. Not only do you need your antivirus and anti-malware, but use a secondary source, such as, Malwarebytes. Never, and I repeat, never use a free antivirus solution. These tools don’t include a software firewall or anti-malware, so half of your system is left open to attack. The is one exception to the “no free rule,” and that’s Malwarebytes because it does only one thing AND it runs with your existing antivirus/anti-malware program.
Be sure that you turn on heuristic scanning in your antivirus software. Heuristic scanning uses behavior to find viruses, whereas, standard antivirus just uses signatures that the antivirus company sends you via download on a consistent basis.
To learn more about heuristics, here’s what Wikipedia says, “In computer science, artificial intelligence, and mathematical optimization, a heuristic is a technique designed for solving a problem more quickly when classic methods are too slow, or for finding an approximate solution when classic methods fail to find any exact solution. This is achieved by trading optimality, completeness, accuracy, or precision for speed. In a way, it can be considered a shortcut.”
“Many virus scanners use heuristic rules for detecting viruses and other forms of malware. Heuristic scanning looks for code and/or behavioral patterns indicative of a class or family of viruses, with different sets of rules for different viruses. If a file or executing process is observed to contain matching code patterns and/or to be performing that set of activities, then the scanner infers that the file is infected. The most advanced part of behavior-based heuristic scanning is that it can work against highly randomized polymorphic viruses, which simpler string scanning-only approaches cannot reliably detect. Heuristic scanning has the potential to detect many future viruses without requiring the virus to be detected somewhere, submitted to the virus scanner developer, analyzed, and a detection update for the scanner provided to the scanner’s users.
Here’s the link: http://en.wikipedia.org/wiki/Heuristic_%28computer_science%29
Check out the inspiration for this post:
“Privacy Is a Business Opportunity” by David Hoffman via Harvard Business Review:
Image Credit: Stuart Miles via FreeDigitalPhotos.net
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I’ve been compensated to contribute to this program, but the opinions expressed in this post are my own and don’t necessarily represent IBM’s positions, strategies or opinions.