Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Archive for Business Security

May
04

Identity Theft Affects Email Marketing

Posted by: | Comments Comments Off on Identity Theft Affects Email Marketing

The economy, layoffs, fear and everything else that are making people nervous about the future has also lead to a rapid increase in small internet businesses popping up. With today’s  tools a person could potentially have a business up and running in hours. However…

Identity theft has raised the bar in blocking access to your new and existing customers using email marketing campaigns. In the past we may have found spam annoying as it filled up our in box, but with phishing, pharming, social media spying, etc.  all being used to steal one’s personal information, it’s gotten to the point of customers not opening, blocking and erasing all correspondences (legitimate or not). Hey, better safe than sorry.

All the so-called business cost savings that can be achieved using electronic media may be flying out the window. Aweber, Constant Contact, and others all have great products and these attacks are not their fault. Just realize that their identity has also been stolen: their brand. But as a business owner do you want to pay monthly service fees if all your marking efforts only end up in eTrash.

So, before starting a large, expensive email marketing campaign, determine if your customers will even read or click onto anything you send them. Maybe the new way to keep your customers informed is by creating a blog and posting your information and stories there. This strategy forces your customers to come to you and keeps them in control.

Comments Comments Off on Identity Theft Affects Email Marketing
May
02

Technology Companies Must Incorporate Security Engineers

Posted by: | Comments Comments Off on Technology Companies Must Incorporate Security Engineers

All technology developing companies must incorporate security engineers before bringing new products to market. Anything less is just plain irresponsible and greedy. It pains me to criticize my fellow technology brethrens, but privacy theft has to be stopped. Read More→

Comments Comments Off on Technology Companies Must Incorporate Security Engineers
Apr
20

The Cloud Goes Green, but is it Secure?

Posted by: | Comments Comments Off on The Cloud Goes Green, but is it Secure?

Recently I received an invite to a webinar discussing how companies are transforming their business by using more cloud-like infrastructure. The argument is that it saves the company’s enery and reduces their carbon footprint.

While I am not here to dispute these claims, I do warn any company that migrates to more cloud infrastructure to make security of the data paramount in their plan. Especially with the many state and federal privacy protection laws on the books. As been blogged about before, the average cost on a company from a data breach in 2009 was $6.7 million per incident. Read More→

Comments Comments Off on The Cloud Goes Green, but is it Secure?
Apr
20

It’s 10pm, do you know where your PII is?

Posted by: | Comments Comments Off on It’s 10pm, do you know where your PII is?

The federal government recently published a guide on protection Personal Identifiable Information (PII). There are two aspects to PII that every company must be aware of:

1) What information information is considered confidential, &

2) Where this information is stored in the company. Read More→

Comments Comments Off on It’s 10pm, do you know where your PII is?
Mar
04

The law may consider your business a bank!

Posted by: | Comments Comments Off on The law may consider your business a bank!

There’s an interesting post over at Krebs On Security talking about some poor company that is going bankrupt because TD Bank allegedly will not give them their money back after it was stolen out of their account. Now, I wish I could say this concept is totally foreign to me, but unfortunately this isn’t the first time I’ve heard this story. I’m under NDAs not to describe the people involved, or the bank involved, but the important details are nearly identical to this story. Why is this happening?

There is a little known code call the UCC (Uniform Commercial Code) that essentially says that if you are a business and you want to do wire transfers you are essentially to be treated as a bank. You are probably wincing right now, because it’s just as stupid as it sounds. Note that this is not true for consumers – but even if your business consists of even one person, you still are treated as a bank. As such, if your company has money wired out of it’s account, the bank isn’t to be held liable – or at least that’s been their argument. This is happening all the time, so why aren’t we hearing about it all the time? Well that leads me to the worst part of this story.

The banks have essentially two options if a company takes them to court. They can win the case, or they can lose the case. If they win, that leaves the company in question free to say and do whatever they want (as is the case with TD Bank above). If they loose the case, it essentially creates precedence and can open the bank to class action lawsuits to overturn the UCC. Either way, it’s a bad day for the bank. So they opt for the third choice which is to delay the inevitable. They make these poor businesses wait for sometimes years before they will begrudgingly settle for somewhere shy of the full amount. Sometimes companies just give up, and sometimes they take the money and sign the NDAs. Either way, that’s a much better outcome than letting something get litigated. So yes, those poor companies are getting the run around, and we don’t get to hear about it because at the end of the day they are all signing NDAs.

So, if you run a company, be prepared for the worst when it comes to how the bank is going to treat you if someone steals your money. There don’t appear to be any safeguards other than individual contracts you might be able to get your bank to sign and agree to. However, if anyone happens to work for a bank, and can guarantee that money held there will be treated just like physical cash (and reimbursed just like if it is stolen out of the vault), I’m sure companies would flock to you – I know a lot of small businesses that would like to know that their money is safe, and right now, it just isn’t with TD Bank and their ilk. In the meantime, I sort of hope some lawyer is salivating at the prospect of a class action suit.

Categories : Business Security
Comments Comments Off on The law may consider your business a bank!
FLEXCAP
SiteLock