News reports indicate that hackers may have accessed Target Corp. data via a mechanical contracting business’s remote access to the retailer’s computer systems for electronic billing, contract submission and project management. What steps can you take to make sure you’re not a victim of security breaches?
As business owners, it is important to be vigilant with access to other databases and other databases’ access to your business. Here are some protections to consider:
• If your company processes credit cards, verify Payment Card Industry (PCI) compliance status, an important protection for the handling of sensitive financial transactions.
• Monitor networks for any unusual activity.
• Up-to-date virus protection software is a must; installing a firewall is also important.
• Be choosy about giving any customer/vendor access to your company’s electronic files.
• Be selective about which staff members have access to secure files.
• Create passwords that are a mixture of letters, numbers and characters; keep them hidden; change them frequently.
• Train staff on the importance of following secure Internet practices.
• Include a policy on secure Internet management in your employee policy manual.
• Implement background checks on new hires.
• A consultation with industry experts may be in order, certainly with the liability protection provider for your organization.
Remember, planning now could save significant time and aggravation in the future. And as you’re considering your options, keep in mind there are movements underway to strengthen cyber security, including the possibility of embedded credit card chips. Envisioning possibilities for the future should be part of your planning process in case any changes in your existing infrastructure are needed.
Source: PHCC-National Association