The new phrase to send a shiver of anxiety down any business owner’s back is ‘data breach’ – but what can you do to reduce the risk of it happening to you?
A data breach occurs as a result of a cyber attack. Criminals are then able to gain unauthorised access and steal private, sensitive or confidential personal and financial data. Usually, the crims are wanting to steal data such as names, email addresses, usernames, passwords and credit card details.
The way that the crims get access to your systems tend to be:
- Spyware – malicious software that infects your PC or mobile device and gathers information about you, your browsing and Internet usage habits, as well as other data;
- Phishing – where people are deceived into sharing sensitive information like passwords and credit card numbers; and
- Broken or misconfigured access controls which let people into parts of the system they shouldn’t have access to.
Best practice now is to be proactive about data security. The top 3 tips are:
- Segment your data: whilst this may not stop the crims, it will slow them down and make their lives more difficult.
- Use the Principle of Least Privilege, or PolP, where each user only has enough access to the system to do their job. If one user account gets attacked, then anyone using that account won’t have access to the whole system.
- Use a strong cybersecurity programme which can detect threats, prevent downloads, and stop malware from getting onto your network.
If, as an individual, you think you’ve been the victim of a breach, here’s a quick check list of some things you may need to do:
- Reset passwords – you may want to consider using a password manager app
- Check your credit cards for any suspicious activity
- Think about putting a freeze on your credit limit on your cards
- Check your inbox carefully, including your spam folder for any dodgy looking phishing activity
- Use multi-factor authentication, where you need your password plus another form of ID