Thursday, June 18, 2009

Cyber Security

For many business owners, the line between their personal identity and that of their business is, at best, blurred. So when it comes to protecting themselves from identity theft, they have twice as much to lose. And if you think shredding your credit card statements and keeping your Social Security card locked away in your safe is doing enough, you are mistaken.

The biggest challenge for many entrepreneurs is that many times, they build their company's credit on the back of their own. People don't know the company, so typically the entrepreneur is working off that personal credit to start out with. It's critical that they keep that good credit, and if they become a victim of identity theft personally, it can have a negative impact not just on their personal life, which is horrific enough because it can take hundreds of hours to clean up, but now you're talking about your business not being able to get the credit it needs to operate and to fund growth. In some cases, it can wipe out both the personal credit and the business and then you're really in a catastrophic state.

Small-business owners have to be vigilant on two fronts when it comes to fighting identity theft. First, they need to protect their own personal information and that of their company's key executives. Then they have to make sure to safeguard any information collected from customers or clients. Too many consumers, rather than take steps on the front end to prevent fraud, rely on monitoring their credit through the major credit bureaus, looking for smoke when they’ve already been burned.

A much better approach is to go after a preventative solution. So even if your information falls into the hands of a criminal, when they go out to turn it into money, they get turned away. It's not about detection after the fact--it's about preventing the crime before it occurs.

While technology has certainly given hackers a leg up in the identity theft battles--they use everything from modified credit card readers to Bluetooth to steal personal information--their favorite weapon is still manipulation of human nature. Known to hackers and social scientists alike as social engineering, it's the practice of gaining people's trust to the point where you don't have to steal their identity at all--they give it to you.

Why Cyber Security is Necessary

Cyber security is important because there are many risks involved, some more serious than others. Among these dangers are viruses erasing your entire system, someone breaking into your system and altering files, someone using your computer to attack others, or someone stealing your credit card information and making unauthorized purchases. Unfortunately, there's no 100% guarantee that even with the best precautions some of these things won't happen to you, but there are steps you can take to minimize the chances. As the saying goes, 'Prevention is better than cure.'

victims of identity theft may:
  • Be arrested for crimes they didn't commit.

  • Lose hundreds or even thousands of dollars to thieves and/or to fees for cleaning up financial records.

  • Spend countless hours clearing personal records.

  • Be refused loans for housing or cars due to poor credit resulting from identity theft.
Trends in Cybercrime

The recent trends in cyber crime are professionalisation of cybercrime; hacktivism; cyberwarfare; rising rate of identity theft; epidemic of security vulnerabilities in software & networking products; shrinking time from exposure to attack; soaring rates of SPAM; targeting of web-based applications; targeting of desktop computers; new risks stemming from mobility of data; and emergence of sophisticated, multi-vector "blended threats".

There is good reason to be pessimistic when it comes to preventing fraud altogether--but there are certain things business owners can do to make life at least a little harder for hackers.
  1. Protect your credit card and bank statements.
    While most people worry more about having their credit card accounts stolen, their bank accounts are cause for more concern. Fraudulent credit card transactions are easily reversed and accounts easily canceled. He says identity thieves often send business owners a small check in the mail, and when the business owners deposit the checks without thinking twice, their canceled checks delivers their bank account numbers to the hacker on a silver platter. Other hackers will manipulate caller ID software to make potential marks believe they're receiving a call from their bank branch.

  2. Don't disclose information over the telephone.
    Beware of anyone asking out-of-the-ordinary questions over the phone and, unless you're the one making the call, never give out sensitive information. Hackers will often pose as credit card companies offering a fabulous--and limited-time--offer. People will do more to avoid a loss than to realize a gain, so that's an influence factor a fraudster can use to get someone to cooperate.

  3. Educate employees not to disclose customer information.
    This goes along with being careful over the phone when it comes to talking about personal information. Identity thieves will often call businesses posing as customers and then ask for account or other sensitive information.

  4. Encrypt your wireless network.
    It may seem obvious, but a hacker ring recently compromised 40 million people's information by driving around with laptops and hacking into businesses' wireless networks. Take the extra steps and set up a web key to limit access.

  5. Beef up your physical security.
    Again, it sounds simple, but all the tech savvy in the world won't help you if someone can waltz into your office and steal computers and hard-copy files. If it were so obvious, experts wouldn't have to warn against it. Is your security stringent enough?
In case this isn't scary enough, there are other forms of identity theft that most people never even consider, which is just as well, given that there's no way to prevent them. He says a hacker armed with people's personal information can even file false tax returns in their names and collect refunds, something he says the Income Tax authorities are woefully underprepared to combat. While nothing is fool-proof, more pedestrian hackers can be repelled with a healthy dose of forethought. And, it certainly beats the alternative. If someone breaks into your car and steals your car, they sell it one time to the chop shop, make their money and it's over. The problem with our personal information is that once they steal it, once it's been sold, it's very hard to go in and change your Social Security Number. Most people don't want to change their name. You can't change your birth date. These are things we're stuck with our entire life, and if they're in the wrong hands, you've got to worry about someone 10 years from now showing up and trying to compromise you again.

Reblog this post [with Zemanta]