What Are The Various Forms of Data Breach

Businesses around the world are coming to terms with a new kind of risk – one that puts their finances and reputation at risk. It also happens to be a risk that is only growing in severity and reach.

The risk is data breach and the problem is growing despite concerted efforts by businesses and leaders in information technology and even law enforcement agencies, to stem the tide.

Before you can take steps to protect your business from data breaches, you must first, learn the many different tactics hackers and identity thieves use to get information about your customers, your business, and your employees.

Malicious Attacks

Hacking, malware, and ransomware are among the things that involve a malicious attack. These brute force attacks are the ones that often make big news. While most people feel that companies like Sony and Target are the primary targets of these attacks, many hackers cut their teeth on mom and pop small businesses, then graduate up to the larger targets after honing their skills. This means that all businesses are at risk.

Employee Errors

Employees may very well be the number one cause of data breaches for the average business. Unfortunately, there are many ways this can happen and the solution is not a one-size-fits-all employees’ fix. In fact, there is a fairly lengthy list of ways employees can inadvertently allow data breaches to occur – despite your best efforts to prevent them. They involve:

  • Ineffective Passwords.This can include anything from using “Password” to obvious things that are easy for employees to remember (dates, names, etc.) and hackers to figure out.
  • Infrequently Changing Passwords.In addition to having strong passwords, employees need to change passwords frequently.
  • Failing to Update Operating Systems.Operating systems issue updates to address specific vulnerabilities. It is essential to install those updates when they are made available so that your business systems do not become compromised.
  • Unauthorized Employee Devices.Personal devices do not go through the same security protocols your business devices do creating a vulnerability when they connect to the servers.
  • Email Mistakes.Attaching documents and sending them to the wrong person can be a critical mistake when it comes to confidentiality and protecting the identity and personal information of your employees, customers, etc. It happens more often than most companies realize.
  • Lost Thumb Drives (External Hard Drives).Thumb drives today can carry an enormous amount of information and are no bigger than key fob. This means they are easily lost and/or stolen. Allowing employees to take sensitive information from your property on these drives presents a substantial risk.

Employee Malice

While accidental problems with employees can be devastating enough, the intentional misconduct of employees can destroy your business if you don’t have the right protocols in place to address the issue.

Physical Theft of Information

Sometimes businesses focus so much time and attention to securing information that is stored in the cloud and getting rid of documents that might prove risky, that they forget out one other obvious avenue for thieves and hackers to obtain this information. That would be the physical theft of servers, laptops, mobile devices, and any other pieces of equipment that can access the information that may be stored on the devices or in the cloud.

Don’t forget about the client and patient files themselves. Hard data breaches occur when thieves or others get their hands on documents that are supposed to be private. This includes client files, records of client communications, employee files, and countless other documents that may be confidential or even classified. It is critical to keep these files locked away from others and to limit access to client and patient files to only those who have a need to view the materials on them. Once they are no longer necessary, they must be properly disposed of too and can’t simply be thrown into the garbage.

Skimming

This is when people use your business equipment, such as credit card readers, to skim the credit card information of people who shop in your stores (or use your vending machines or gas pumps). It’s notoriously difficult to identify at a glance and can capture hundreds of credit cards before it’s discovered.

Now that you know the specific vulnerabilities businesses face, it is time to create policies and take action to minimize your risks. One of the ways you can do this is with a data breach liability policy designed specifically for your business from Insurance Center of North Jersey. Call us today at 201-525-1100 or email info@icnj.com to see how we can help.

 

Read part 2 in our 3 part series on data breach here:

What Can You Do To Prevent a Data Breach?