Posts

USPS Data Breach: What SMBs Can Learn

/in


As a small or mid-size business, you probably do not worry about hackers and data breaches. Your information is safely stored in-house or in a secure cloud service.  You do not have trade secrets or intellectual property coveted by foreign governments or industry. You accept credit cards, but those transactions are processed, saved, and secured by the credit card processor … you do not even have credit card numbers in your files or systems. It is not unreasonable for you to think that you are not a data breach target.

You are wrong.

The recent data breach at the US Postal Service should, however, serve as a wake up call. Hackers breached USPS systems not for customer data or credit card information; the hackers stole HR records for hundreds of thousands of postal employees and retirees (customer data was just a bonus). And, while the hackers were not able to go on an immediate debit-card spending spree, they captured all of the data necessary to steal identities — names, addresses, social security numbers, and more.

Regardless of your size, any personally identifiable information in your possession is an incentive for criminals. And you don’t need to be big to be caught. A stolen laptop, compromised account, or lost USB stick can enable data breaches in systems you think are secure.

Malware is the inbound marketing tool for hackers and identity thieves. 

When malware spreads, it makes its way onto business computers that the hackers may never have known existed. Malware often sits in wait, capturing passwords or other information and communicating the information to servers half way around the world. Hackers can then use this information to assess the value of the target and to gain more access to even more data. Hackers may also sell this information to other criminals.

Your business needs protection in place, and awareness of the scope of the problem is the first step.  Permissions monitoring and management, web filtering, device protection, endpoint protection, mobile device management, and user data protection may all be components of your solution.

Please contact us for a complimentary review of your current data protection coverage.

 

How eBay Can Destroy Your Business

/in ,


eBay is putting your business at risk … and not in the way you might think.

This is not about lost productivity, eBay stores, or your merchant account. This is about eBay letting hackers attack your computers.  This is about hackers using eBay to steal usernames and passwords, employee data, and customer data.

As reported by ComputerWorld, eBay is under attack by security professionals for allowing “active content” in ads, which allows hackers to create listings and fake pages with malicious code.  Over 100 eBay listings have already been found to include malicious code designed to steal usernames and passwords.  Many of these listings were hijacked from sellers with 100% ratings and years of successful sales, creating a false sense of trust.

Employees shopping during their lunch break can unwittingly open up your corporate network to hackers, enabling theft of personal and customer information.

While eBay promises to monitor and assess the situation, one simple fact remains:

Even trusted web sites from major corporations can be compromised and pose a threat to your data … and your business.

While preventing people from using the Internet is an option, it is not a realistic option in today’s world.  Active protection is your best option.  Web filtering solutions not only block known malware sites, these services examine the code, content, and behavior of sites for malicious activities like those embedded in the corrupted eBay listings.  Combined with solid endpoint/user protection, you can defend your staff, your data, and your business from attack and data loss.

Web filtering solutions cost less than $3.50 per user per month with an annual contract. Please contact us to learn more or request a quote.

Click these links to learn more about Security Threats and Web-based Malware.