It’s time to Upgrade Your Cyber Security Defense

Asset Determinations…Fighting the War on Uncollected Judgments
April 3, 2017
Electronically Stored Information (ESI)… Use an Expert to Protect the Evidence
June 1, 2017
Show all

It’s time to Upgrade Your Cyber Security Defense

Due to an increase in new technologies and their extensive uses in the workplace, data protection has become a critical safety point in every company. In the race to employ technology to its fullest potential, many businesses under-estimate the severity of cyber threats.  When data is compromised, whether accidentally or intentionally, it can cause personal, financial, and credibility damage to not only the business owners, but also their workforce and more and more often, their customers.

Currently, we always seem to hear about security threats affecting larger companies, like Target, Visa, and Mastercard.  But more and more frequently, smaller companies are becoming increasingly compromised.  Unfortunately, it has become inevitable that cybercrime will eventually threaten almost every company at some point in its existence.  It is important for sound security best practices be put in place so that sensitive and critical information will not be compromised by cyber criminals.

The need to take proactive steps to ensure a business is adequately protected is likely to be a key feature at many company meetings in the coming year. While the security measures taken will differ depending on the size and nature of a business, every company, whatever the size, should be implementing relevant procedures to guard itself against cyber security risks.

Cyber security is not a one-time activity

Cyber security includes on-going activities and processes that have been created specifically to help monitor and reduce cyber security threats. Unfortunately, no one form of protection is completely secure, and it is highly advised that you hire a cybersecurity expert to assess your specific risks, identify your particular requirements, and help build a personalized plan to ensure maximum protection.

These methods may include:

  • Improved data integrity & security: This is a preventative action that ensures a network, operating system or internet platform is both secure and trustworthy. By taking the time to put preventative measures into place, you can help reduce risks and create a safer platform for users and visitors.
  • Use of data recovery tools: This helps recover lost, missing, or partially missing, damaged, and/or deleted data. In-depth analysis can also trace the root cause and origin of the missing or corrupted data and may be able to help rebuild file fragments into an original format.
  • Improved staff training: Education and training can help establish a stronger unity within a company by enhancing security policies and can help decrease staff liability. This includes:
  • Keep your devices secure – apply encryption and enable “auto-update”
  • Create stronger passwords – make sure your password is long, at least 12 characters, and includes uppercase, lowercase, numbers, and special characters. Avoid patterns like ABCDEF, QWERTY,  or 123456
  • Practice password hygiene – this includes not sharing your passwords with anyone, changing them on a regular basis, and avoiding using the same security questions across multiple sites.
  • Regularly evaluate access and responsibilities to sensitive data – privilege abuse is the most frequent form of insider misuse.
  • Develop a company-wide security awareness program – in this way you can proactively plan for problems.
  • Don’t share important or sensitive information via email and disable autofill.
  • Enable email scanning by your anti-virus program and don’t trust attachments – over 90% of cyberattacks begin with email
  • BYOD policy – More and more employees are bringing their own device to work. While many companies see this as a positive trend, it is important to note that personal devices pose a security threat. As these devices access the internet through the company’s network, the company needs to ensure that these devices are protected

In this ever-expanding, cyber world in which we live, regular monitoring and updating of data safety features is one of the most important assets to any company. Educating staff on the software and the hardware they use is essential to a stronger level of security and may help prevent breaches of security.

When does my company need outside cybersecurity help?

Not all data recovery tools are created equal, and professional advice should be sought in cases where any level of expertise is required. Some cases may require data management or recovery using technologies not currently available to a company. A professional investigation may be carried out when sensitive data is present or the recovered data may be used as evidence in a court of law and requires additional care.

In order for electronically stored information or ESI to hold up in court, the evidence supplied must be able to verify a chain of events and data history to be considered hard evidence for the fractured, deleted, or missing data. Prudential Associates has a successful track record in helping businesses secure positive convictions. We have a wide range of tools and are well-versed in current media trends and media storage and environments.

We also offer remote guidance and can help tailor a cost-effective approach that may help ensure defensibility, without the risk of data exposure in your company. If you have any questions, please do not hesitate to contact a professional forensic specialist today for more information on the services and options available.