Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Archive for Employee Security

Oct
05

“So many paper shredders, but what’s right for me?”

Posted by: | Comments Comments Off on “So many paper shredders, but what’s right for me?”

FACTA requires secure disposal of documents that contains a customer’s or employee’s personal information. Shredding is one of the easiest ways to start protecting your company from a violation. With so many different shredders and options on the market, Nancy Heaton of Fellowes will help explain how to match the shredder to your business environment.

Click here to listen to the interview with Nancy Heaton: Fellows

Comments Comments Off on “So many paper shredders, but what’s right for me?”
Jul
22

Found USB Drive in Parking Lot

Posted by: | Comments Comments Off on Found USB Drive in Parking Lot

I was recently told of a story of an incident that happened a few weeks ago. However, this is not the first time I have heard the tale. An employee is walking through the parking lot and finds a USB stick on the ground. Fearful that it might be important information of a colleague, the employee picks up the stick and takes it back to his office. To determine who is the owner, the employee inserts the drive into his computer and opens up the folders thinking that its contents will identify the owner.

WAM – the entire company’s network is infected with a new virus that the anti-virus program did not recognize.

The dropping of virus seeds in the way of USB drives is a very common attack. Drives are left in corporate lobbies, doctor’s offices, parking lots, restaurants, any place where people gather. The thieves are counting on Good Samaritans to help their follow man or woman.

Employers need to inform their employees of the following procedures:

1. If they find a USB drive never have them put it into their computer

2. They should give the drive to IT to determine what they want to do with it.

3. If there is no IT dept either drob the drive into the garbage or first smash it with a hammer before dropping it into the garbage.

4. Don’t worry that someone will loose important data. They probably have backup and if they don’t they soon will; and if there was confidential data on the device you just saved the company’s customers from a data breach.

Comments Comments Off on Found USB Drive in Parking Lot
Jul
22

Medical ID theft is nothing to sneeze at

Posted by: | Comments Comments Off on Medical ID theft is nothing to sneeze at

Below is a report from the Smart Card Alliance on Medical Identity Theft. While the info is staggering the walk away points for me is the migration to PHRs, EHRs and HIEs. Security has to start at the very beginning and that is where a secure token and password manager combination work well together.

Medical Identity Theft in Healthcare

Publication Date: March 2010

While identity theft is a global issue that garners much media attention, most do not realize that medical identity theft is a serious and growing threat. Many authorities consider medical identity theft one of the fastest growing crimes in America. With the Read More→

Comments Comments Off on Medical ID theft is nothing to sneeze at
May
02

Technology Companies Must Incorporate Security Engineers

Posted by: | Comments Comments Off on Technology Companies Must Incorporate Security Engineers

All technology developing companies must incorporate security engineers before bringing new products to market. Anything less is just plain irresponsible and greedy. It pains me to criticize my fellow technology brethrens, but privacy theft has to be stopped. Read More→

Comments Comments Off on Technology Companies Must Incorporate Security Engineers
Apr
20

It’s 10pm, do you know where your PII is?

Posted by: | Comments Comments Off on It’s 10pm, do you know where your PII is?

The federal government recently published a guide on protection Personal Identifiable Information (PII). There are two aspects to PII that every company must be aware of:

1) What information information is considered confidential, &

2) Where this information is stored in the company. Read More→

Comments Comments Off on It’s 10pm, do you know where your PII is?
FLEXCAP
SiteLock