May 27, 2014 | SMB Technology
Recent high-profile data breaches, such as those that occurred at Neiman Marcus and Target, have brought privacy breach notification laws into public debate. In the event that your company’s secure information is compromised, it is important to understand privacy breach notification laws and standards. Privacy Breach Notification Regulations are Under Review Across the world, privacy breach notification laws are being updated and amended to keep up with the times. In the United States, for example, federal standards are being discussed, but each state may also have its own rules. Furthermore, some states do not even have their own regulations, and laws and procedures regarding privacy breach notification standards vary depending on where your business is located. Be sure to know the regulations and standards for your own country or state. What is Privacy Data? This private information that your company may posses includes customer names, in combination with, account numbers, driver licenses, or social security numbers, although this changes from state to state and from country to country. Most laws require your business to inform customers, employees, and other stakeholders when their private information has been compromised. What is considered private information, and the timeframe in which customers must be informed of the breach, varies in each law. A Privacy Data Breach Has No Borders Many companies collect data from customers across the globe. If a privacy breach crosses state lines or international borders, your company may need to comply with multiple standards. Failure to comply may lead to fines and penalties, in addition to customer disapproval. California laws, for example, impose fines up to $3,000 for failure to...
Apr 16, 2014 | SMB Technology
The name Heartbleed OpenSSL Vulnerability (aka Heartbleed bug) is as scary as it sounds. Some reports say up to two thirds of all secure websites (e.g. those with a web address starting with a green https://) are using OpenSSL. It has been reported that Google was first to discover the Heartbleed bug that compromised sites including Yahoo, Tumblr, Flickr, Amazon, and other websites relying on OpenSSL for security. This security breach may provide hackers access to accounts, passwords, and credit card information. Heartbleed and Your Systems Business owners using OpenSSL for their email, website, eCommerce applications, or other web applications should take action to prevent data loss or theft. The fix for the Heartbleed bug should be installed on your operating systems, network appliances, and other software to ensure that confidential information is protected. Consider having your IT professional test your public web servers to determine if they are safe. Heartbleed and Your Employees Your employees may have used websites that were exposed to the Heartbleed bug. This means their username and password combinations may have been compromised by hackers tapping into what was supposed to be encrypted communications. Employees should be reminded to reset passwords within the guidelines established by your company. There are plenty of resources on creating a secure password. Microsoft offers tips for creating a strong password on their website. The Need for IT Security Because the Heartbleed bug is pervasive, most internet users need to change passwords on sites like Gmail, Yahoo, and Facebook. The Heartbleed bug is a wake-up call to the importance of having an IT Security policy that includes strong password...
Apr 9, 2014 | SMB Technology
Many Smartphones and Tablet computers have access to corporate applications and their data through Bring Your Own Device (BYOD) policies and corporate-sponsored mobility strategies. Mobile Security has become a popular topic for good reason. According to CIO Insights, mobile data traffic is expected to increase eleven-fold by 2018. Because of increasing data traffic on mobile devices, some government agencies are looking at legislation to require manufacturers to add a smartphone kill switch to remotely wipe a mobile device if it is lost or stolen. Keeping in mind that a four-digit iPhone passcode could be hacked in minutes, this begs the question: Does your Smartphone Need a Kill Switch? Having a smartphone Kill Switch may give a sense of false security. Adding a kill switch to protect your privacy and corporate information is reactive, rather than proactive. If not done properly, you could wipe your employees’ irreplaceable information, such as family photos. A Kill Switch may also make the phone entirely unrecoverable. This means you will surely need to replace the device once the remote kill switch is invoked. Proactive Mobile Security Before you hit the Kill Switch consider proactive mobile-security measures. Smartphones and Tablets are great innovations that allow your employees to stay in touch and work anywhere. Access to email, operational data, financial information, and customer information through a mobile device can empower your employees and increase their productivity. Access to this information should be password-protected at all times. Additionally, any corporate data should be encrypted in transit and at rest. Only approved applications should be allowed on the mobile device and personal data should be stored in...
Feb 20, 2014 | SMB Technology
Your Computer Network is the information pipeline of your business. But what if your network goes down? If your computer network is not operating properly, you may lose access to critical applications and their data. If you are using mobile applications, software as a service, or other types of Cloud Computing, your computer network needs to be highly reliable and readily available. While reading this article, you will learn about information technology trends that impact your Computer Network. Cloud Computing and Your Network With Cloud Computing, your employees require consistent and reliable bandwidth over the internet to connect with the most popular cloud applications. As Cloud Computing is becoming more important in business, it is becoming increasingly necessary to protect your network. Cloud Computing is an undeniable trend. Most industry analysts forecast strong growth for The Cloud. From a September 2013 forecast from International Data Corp., worldwide spending on public IT cloud services is predicted to reach $107 billion by 2017, an increase from $47.4 billion in 2013. This trend in cloud computing is driving mega deals, such as the acquisition of Time Warner Cable by Comcast, as cable is a popular option for business class internet. Is your Computer Network ready for Mobile? A WiFi network is a practical way to connect laptops, convertibles, tablet PCs, and smartphones to your business. However, mobile devices can tax your computer network performance and security. To ensure smooth and consistent network connectivity, your computer network needs to accommodate the additional bandwidth requirements of those mobile devices. Additionally, mobile devices may be a source of virus, Malware, or phishing schemes on your...
Jan 23, 2014 | SMB Technology
Mobile security is top of mind when it comes to concerns for IT Managers. According to the Computing Technology Industry Association (CompTIA) risk of loss is the number one concern related to Mobile security. For the first time last year, more smart phones and tablets shipped than PC desktops. It is no surprise that mobile devices are the target of mobile security threats. Chances are most people in your company have a smartphone, tablet or both. In some cases these devices connect to your company network using WiFi. It is equally likely that these devices access company information via email, mobile applications or file synch to company data. Now that these devices are universal, it is important to have a plan if they are lost or stolen. Keep in mind, your four digit password may be the only thing between an intruder and your data. Here are some additional considerations for mobile security. Mobile Security Policy While you can remotely wipe a Mobile devices when it is lost or stolen, this may not be enough. That four digit passcode can be easily hacked in minutes. It is important that employees know how to report a lost or stolen device immediately. Also consider, there may be personal information on the device that is property of your employee. This data may not be backed up and could be impossible to recover. There may be local laws that prevent you from wiping this type of data from personal devices. If your employees access your corporate systems, be sure they sign and acknowledge your company policy for acceptable use, including policy for reporting...
