Best Practices for Cyber Security in 2017
Many individuals believe in cyber security practice, although some people do not see the threats. Why worry about something major if it’s never happened to you?
Well, statistics prove how damaging cyber threats are and how they can cripple your organization. Please take note that not all cyber protection cost money. If you believe in proper protocol and follow through with simple updates, you may protect yourself and others from future threats.
Here you will find a few simple preventative strategies
Never Click on Links in E-mails
Many companies have messaging alerts within their sites, they will not send a link within an e-mail. If you receive an e-mail asking to log-in, make sure you call the company to confirm OR login directly from the site.
Never Open the Attachments
Retailers do not send e-mails / promotions with attachments. Disregard the attachments – do not risk “opening” and infecting your computer.
Set Secure Passwords and Do Not Share Them with Anyone
Avoid using common words, phrases and or personal information. Most of all, ensure you update your passwords regularly.
If you have automatic attachment downloads, ensure it’s “shut off”
Anti-Virus / Updates
If you have anti-virus installed, you have to make sure you’re staying committed with your updates. Do not ignore updates, they ensure your computer or software is up-to-date and preventing cyber breaches.
Pay Attention to Website URLs
Understand “domain names”. This is what you should see in your browser’s location bar, although you may need to click in the bar to make it completely readable. When clicked, you should know the exact company / page you’re viewing.
As a result, proper cyber hygiene will keep your organization clean while reducing cyber breaches. As IT professionals we know you cannot become an expert overnight.
Is your business compliant with Rhode Island’s Mandatory Identity Theft Protection Act?
June 26th, Governor Gina Raimondo signed the New Rhode Island Identity Theft Protection Act of 2015. New provision was updated as of July 2, 2016 and businesses must comply.
You’re probably thinking if this act applies to your business? It does apply for anyone or entity who or that “stores, collects, processes, maintains, acquires, owns, uses, or licenses personal information about a Rhode Island resident.” This act has no exclusions based upon an organization’s size or number of employees.
How is personal information defined?
An individual’s first name or first initial and last name, combined with any one or more of the following elements and when the name and data essentials are NOT encrypted or are in hard copy paper format:
- Driver’s License, RI identification number or tribal identification number
- Social Security Number
- Account Number, credit or debit number, with any required code / password that would permit access to an individual’s financial account
- Medical / Health Insurance information
- E-mail address with any required code or password that would permit access to an individual’s personal, medical, insurance, or financial account
* “Encrypted” requires that data be in a form in which there is low probability of assigning meaning without use of confidential process or key.
If your company falls under the categories listed, ask yourself the following:
- What must be done to protect the personal information of a RI resident?
- What if personal information is disclosed to a nonaffiliated 3rd party?
- What notice must be given in the event of a breach?
- How can I remain proactive?
Please note, the act imposes civil consequences for EACH violation of up to $100 or $200 per record depending whether it was reckless or knowing and willful. Also, the act does not have a cap on the total amount of imposed penalties.