Posts

12th Day: Holiday Security Tips All Wrapped up Together

Would you like to give the people you care about some peace on earth during this holiday season? Take a few minutes to pass on our 12 privacy tips that will help them protect their identities, social media, shopping and celebrating over the coming weeks. The more people that take the steps we’ve outlined in the 12 Days of Christmas, the safer we all become, collectively.

Have a wonderful holiday season, regardless of which tradition you celebrate. Now sing (and click) along with us one more time.  

On the 12th Day of Christmas, the experts gave to me:

12 Happy Holidays,

11 Private Emails,

10 Trusted Charities

9 Protected Packages

8 Scam Detectors

7 Fraud Alerts

6 Safe Celebrations

Fiiiiiiiiiiive Facebook Fixes

4 Pay Solutions

3 Stymied Hackers

2 Shopping Tips

And the Keys to Protect My Privacy

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

WWBD? (What Would Bond Do?) Five Steps to Secure Your Business Data

, , ,

I finally got around to watching the latest 007 installment, Skyfall, and it appears even James Bond has entered into the world of Cyber Crime as he tries to protect a computer drive with a list of British agents from falling into the wrong hands.  And like the proverbial victims in a James Bond flick, you and your business data are under assault, even though it may not always be as obvious as getting thrown off a train.  Why?  Because your business data is profitable to would-be thieves. And for many of those thieves, that data is easy to get and the theft can be next to impossible to trace.

Sony PlayStation Network, Citigroup, Lockheed and several others have seen more than 100 million customer records breached, costing billions in recovery costs and reputation damage.  If it can happen to the big boys, it can happen to you.  If you don’t have Bond on your side fighting off the villains, take these steps to take to secure your business data:

Involve your employees. No one in your organization will care about data security until they understand what it has to do with them. So train them to be skeptical. When they’re asked for information, teach them to automatically assume the requestor is a spy. If they didn’t initiate the transfer of information (e.g., someone official approaches them for login credentials), have them stop and think before they share. Empower them to ask aggressive questions. Once employees understand data security from a personal standpoint, it’s a short leap to apply that to your customer databases, physical documents and intellectual property. Start with the personal and expand into the professional. It’s like allowing people to put on their own oxygen masks before taking responsibility for those next to them.

Stop broadcasting your digital data. Wireless data leaks two ways: the weakly encrypted wireless router in your office and the unprotected wireless connection you use to access the Internet in an airport, hotel or café. Have a security pro configure the wireless router in your office for WPA-2 encryption or better and perform a thorough security audit of your network. To protect your data on the road, set up wireless tethering with your mobile phone provider and stop using other people’s hot spots.

Eliminate the inside spy. Perform serious background checks before hiring new employees. The number one predictor of future theft by an employee is past theft. Follow up on the prospect’s references and ask for some that aren’t on the application. Letting prospective hires know in advance that you will be performing a comprehensive background check will discourage them from malfeasance.

Don’t let your mobile data walk away. Up to 50 percent of all major data breach originates with the loss of a laptop, tablet or mobile phone. Either carry these on your person (making sure not to set them down in airports, cafes, conferences, etc.), store them in the hotel room safe, or lock them in an office or private room when not using them. Physical security is the most overlooked, most effective form of protection. Also, have the security pro mentioned earlier implement strong passwords, whole disk encryption and remote data-wiping capabilities. Set your screen saver to engage after five minutes of inactivity and check the box that requires you to enter your password upon re-entry.

Spend a day in your dumpster. You may have a shredder, but the problem is no one uses it consistently. Pretend you are your fiercest competitor and sort through outgoing trash for old invoices, credit card receipts, bank statements, customer lists and trade secrets. If employees know you conduct occasional dumpster audits, they’ll think twice about failing to shred the next document.

Take these steps and you begin the process of starving data thieves of the information they literally take to the bank.  It will be a lot easier to sit back and relax- maybe even have a shaken martini- when you know your business is secure.

James Bond martini

John Sileo is an anti-fraud training expert and in-demand speaker on digital reputation, identity theft and online privacy. His clients include the Department of Defense, Pfizer, Visa, and Homeland Security. See his recent media appearances on 60 Minutes, Anderson Cooper and Fox Business.

 

 

 

 

 

 

Don't Get Cyber-Scrooged on Cyber Monday!

Why fight parking-lot-road-rage, UFC-sanctioned-psycho-shoppers and 12 a.m.-midnight-start-times on Black Friday when you can shop from the comfort of your laptop or iPad while sipping eggnog on the couch (or more likely, from your office desk)? I’m talking about Cyber Monday, of course – the day that online merchants heavily discount their products and generally give free shipping as well. By shopping online, you get most of the same deals and discounts (some of them better) without the breakneck competition common in stores the day after Thanksgiving.

Online shopping during the holidays is a convenient, green, inexpensive way to celebrate the season with less stress. In fact, it’s such an efficient way to buy gifts that cyber shoppers will spend close to $2 Billion this coming Monday. If you are one of them, take a few steps to add peace-of-mind to your peaceful holidays.

How to Protect Your Private Data Online on Cyber Monday

  • Never Shop on a Public Wi-Fi Connection – Although you may trust the baristas at your local coffee shop, you can’t always trust the person sitting next to you. Hackers can easily tap into Wi-Fi connections at public hot spots to steal your identity information. This can be especially dangerous when you are making purchases with your credit card on unsecured connections. Options: surf at home or set up Internet Tethering between your smartphone and laptop or tablet so that you are always surfing on an encrypted connection. Unlike most hot-spot transmissions, your mobile phone communications are encrypted and will give you Internet access from anywhere you can make a call.
  • Never use a debit card online – If your card information is compromised, funds can be withdrawn from your bank account without your knowledge. Federal law states that your bank can take up to 2 weeks to investigate fraudulent activity before returning the funds to your account, which means you have nothing to spend in the meantime.  In fact, if you don’t report the missing funds quickly, you could potentially lose all the money on deposit with your bank.
  • Monitor Your Accounts – While you are doing a lot of shopping – online and in the store – it is good to keep an eye on your bank and credit card accounts. Match your receipts up to your statement to make sure that they are correct and there are no fraudulent charges. Keep an eye out for small charges, sometimes that is how crooks test to make sure they have a good card. For convenience, set up credit card account alerts that automatically email or text you every time you make a purchase. It makes detecting fraud a snap.
  • Consider using a virtual or single-use credit card – Some card issuers offer virtual credit cards or single-use card numbers that can be used online. Virtual credit cards use a randomly generated substitute account number in place of your actual credit card number.
  • Never “recycle” a password – Most online shopping sites encourage you to establish a user name and password. Password-protected sites are becoming more vulnerable because people regularly use the same user names and passwords on multiple websites. But do you really want an online retailer to know the password to your online bank account?  If you are using the same password across many sites and your password for one site is breached, everything else is at risk. If you do decide to create a user name and password, make sure it is adequately strong. To assist the creation and safe storage of different passwords, use a password protection software like 1Password.
  • Protect your passwords and personal data – Do not share your passwords with anyone and never provide your social security number, birth date or mother’s maiden name in an email.
  • Only Shop on Trusted Websites – Don’t just let the search engine pick the site for you, make sure you are using a trusted and well-known website. Type in the direct web address for the stores you are familiar with, and don’t shop on price alone.
  • Look for Signs They are Protecting Your Data – On the Web page where you enter your credit card or other personal information, look for an “s” after http in the Web address of that page and a secured padlock (as shown below). Encryption is a security measure that scrambles data as it travels through the Internet. 
  • Make sure all of your security software is up-to-date before you shop online – That includes anti-virus software, anti-spyware and firewalls.

Take a break on Black Friday. Who knows, maybe you’ll start to think of it as White Friday.

Online Privacy Needs A Federal Office

, ,

According to a recent New York Times article, the government may be creating a department solely dedicated to strenghthening privacy policies within the United States and other countries. A recent report details why such a force is necessary. Although this new office would lack enforcement authority, they would work directly with the administration and necessary agencies to attack and solve privacy issues.

“America needs a robust privacy framework that preserves consumer trust in the evolving Internet economy while ensuring the Web remains a platform for innovation, jobs and economic growth,” the Secretary of the Commerce, Gary F. Locke, said in a statement. “Self-regulation without stronger enforcement is not enough. Consumers must trust the Internet in order for businesses to succeed online.”

The policy task force already suggested we make visible exactly what information is collected online through a “Privacy Bill of Rights.” Companies that collect this information will then have increased accountability and limits on what they can do with information collected.

The FTC would remain in charge of consumer privacy issues, but privacy concerns extend beyond borders and need to be handled with other countries.  Information gathered from a 2009 study by the Interactive Advertising Bureau found that Internet advertising is responsible for approximately $300 billion of economic activity a year.

In the past, the FTC has called for improvements to online privacy policies by corporations. They have lobbied to give consumers the option of a “Do Not Track” button so third-party companies don’t have access to their information.

The more that internet users realize how much of their personal information is readily available to companies and advertisers, the more they want to put a stop to third-party tracking. Hopefully, such a task force can protect our privacy, while still giving us the ability to freely search the web.

John Sileo is the award-winning author of two identity theft prevention books, Stolen Lives and Privacy Means Profit (Wiley, August 2010) and America’s top Identity Theft Speaker. His clients include the Department of Defense, FTC, FDIC and Pfizer; his recent media appearances include 60 Minutes. Contact him on 800.258.8076.

Tyler Clementi Doesn't Care About Cyber-Bullying Policies

,

Guest Blogger: Kathleen Keelan, Prevention Consultants, LLC

Tyler ClementiI have a hard time telling the parents of a cyber-bullied student that their school “has a policy.”  I have a hard time explaining to a child that even though they feel like their whole existence is being shattered every day, all day and all night, that their school district really does care about them.    It’s hard to explain to a cyber-bullied student and their parents that the school truly cares that they feel safe.

This I know for sure: the policy is only as good as the people who enforce it.

School officials are scrambling right now due to the “epidemic” of suicides from cyber bullying.  Law enforcement is scrambling right now to define their role in this growing phenomenon.  The National Crime Prevention Council is happy that physical bullying amongst children has declined.  However, the rate of cyber bullying is increasing at an alarming rate.  Right now the NCPS found that among teenagers, more than 43% are victims of cyber bullying.

Do you think that 50% of the kids care about a national law against cyber bullying?  I stood in front of a group of parents last night and tried to explain to them that although there is no program to teach about cyber bullying prevention in their school, there is a policy.  This I know for sure: the policy is only as good as the people who enforce it.  As one mom of a teen who was ruthlessly cyber bullied screamed at the top of her lungs at a school board meeting, “Don’t wave that cyber bullying policy in my face and tell me that is what you are doing to help my son.”

Ellen DeGeneres tearfully proclaimed on her now famous video October 3, 2010 that “Things will get better, and you should be alive to see it.”  We have got to stop hiding behind policies and help assure kids we care that they are alive to see the policies actually help those who are being cyber bullied.

Sileo: Kathleen Keelan is a dear friend of mine and an expert in this subject matter. Kathleen’s point that policy does not automatically guarantee action and even more importantly, that policy is never a replacement for action is one that I deal with every day in the corporate world. Having a policy isn’t good enough. You have to build a culture around that policy that weaves a belief system of action into the very fabric of the organization. Whether we are trying to protect data, our employees or our children, a policy without follow through is but an empty set of words. If you need help with cyber bullying in your school, please contact her on 303-521-5427 or learn more about Prevention Consultants, LLC at their website.