When news about a data breach breaks, it’s tempting for people to just roll their eyes and return to their overflowing to-do lists. But these threats are getting closer and closer to seriously affecting individuals’ own precious data. Turning a blind eye could be the death of their budding businesses.
Big-name Sony Pictures is the latest in a long line of brands that have garnered attention for the wrong reasons. In November, Sony was hacked, leaving a number of financial records vulnerable after one of its servers was compromised -- not to mention the embarrassing pre-release of a bunch of movies the company didn’t want out yet, which is immeasurable in the amount of revenue it will lose.
The U.S. Postal Service is another scary example. The breach, which potentially endangered more than 800,000 employees, customers and even top directors’ data, shows just how easily threats can undermine even the most trusted organizations.
Yet, many people still think that data-hacking is at a safe distance. They’re aware of threats on the horizon, but because they’re not directly affected, they don’t spend the time and money to build secure practices. However, members of the business community can’t allow themselves to become immune to the bad news of each new breach.
The scariest thing about the data-hacking trend is that no one knows what form it will take next. That being said, business leaders need to arm their businesses now so they can adapt to the next threat. Here are seven steps to get started:
1. Build the business around security.
Security needs to be built into every aspect of a business. Establishing security controls often becomes more complicated the longer businesses wait, so it’s easiest and safest to found every aspect of a business with security in mind.
2. Strengthen every link in the chain.
As Sony discovered, it only takes one weak component to destabilize a whole business. Train every single employee to have security awareness. When working with engineers or third parties, make sure they have secure mindsets and don’t allow anything to be distributed until it’s absolutely secure.
3. Get your workflows right.
Secure DevOps isn’t a buzzword. Build awareness and adjust methodologies so security becomes a part of the cyclical workflow. If software is produced internally, be aware of development and operations workflows, and be constantly thinking about how operations can be connected with development.
4. Encrypt just about everything.
Follow best practices when it comes to encryption. Encrypt web traffic and make sure laptops have encryption turned on. Most vendors, including Apple, have the capability to remotely wipe information if a device is compromised. Use it.
5. Invest in security.
Just like any other part of a business plan, security needs to be budgeted. Attackers often have the latest tools and adapt quickly, so benchmark spending and invest in ahead-of-the-curve technology. The price tag for security needs varies, so regularly reassess and reinvest.
6. Build awareness into your continuity plan.
If “security response” hasn’t been rolled into the continuity plan, do so immediately. If a reliable way to solve security problems does exist, then it’s through awareness of threats and tools. Be constantly aware of the risks, and prepared to react against security slips.
7. Unite against hackers.
Don’t face the problem of data-hacking alone. Businesses can build safety in numbers by spreading awareness about secure practices, uniting with others and encouraging everybody to be aware of the latest developments in threats and protection.
Expert, dedicated hackers are patient criminals. They’re ready to adapt and bring new, unforeseen infringements into the next news bulletin. But next time, instead of rolling their eyes, business leaders need to show them the force of up-to-the-minute technology, well-funded strategies and aggressive resistance. Data’s integrity depends on it.