By John Sileo, [cc id=’csid’] consumer security expert
In the first part of this article series, we discussed the first two steps of securing your business data, which focus on resolving the underlying human issues behind data theft. The remaining five will help you begin protecting the technological weaknesses common to many businesses—take on the next two:
3. Stop broadcasting your digital data. There are two main sources of wireless data leakage: 1) the weakly encrypted wireless router in your office and 2) the unprotected wireless connection you use to access the Internet in an airport, hotel or café. Both connections are constantly sniffed for unencrypted data being sent from your computer to the web.
1) Have a security professional configure the wireless router in your office to utilize WPA-2 encryption or better, implement MAC-specific addressing, mask your SSID, and do a thorough security audit of your network. You will never be sorry for investing the additional money in cyber security.
2) To protect your data while surfing on the road, set up wireless tethering with your mobile phone provider (Verizon, Sprint, AT&T, T-Mobile) and avoid using free or fee hot spots. Data criminals can easily “sniff” the data you send across these free connections.
4. Eliminate the inside spy. Most businesses don’t perform background checks when hiring new employees, yet much of the worst data theft ends up resulting from “inside jobs.” Not surprisingly, the number one predictor of future theft by an employee is past theft—most employees who are dishonest now were also dishonest in the past, which may be why they have moved on from former employers.
Strategy: Invest in a comprehensive background check before you hire, and follow up on the prospect’s references. Investigating someone’s background will give you the knowledge necessary to let your gut-level instinct go to work. In addition, letting your prospective hire know in advance that you will be performing a comprehensive background check will discourage dishonest applicants from pursuing the job.
Stay tuned for Part III of this series. Soon you’ll have a more secure system in place and can rest easier about the safety of your data.