Tag Archive | "security"

Over 80% Of Consumers Would Not Purchase A Car From Dealership With A Data Breach

New York, NY—Total Dealer Compliance (TDC), a car dealership compliance-auditing firm, today announced key findings from its second car dealership survey which targeted both consumers and car dealers. Among the survey’s key findings are results indicating that nearly 84% of consumers would not buy another car from a dealership after their data had been compromised, while only 30% of dealers employ a network engineer with Computer Security certifications/training.

“As car dealerships continue to be a real target for cybercriminals, with fewer data-protection measures in place than most other industries, we set out to discover the effect this is having on a car dealership’s bottom line,” said Max Zanan, President of TDC. “Our report discovered that more than 70% of dealers are not up to date on their anti-virus software, and nearly a third of consumers lack confidence that their personal data is secure when purchasing a vehicle.”

Highlights from the dealer survey include:

  • Nearly 85%have a contract with a 3rd party vendor to handle more complex IT work
  • Only 30%of dealers employ a network engineer with Computer Security certifications/training
  • Only 25%hired a 3rd party vendor to try to hack into their networks to test their vulnerability
  • More than 80%employ an IT engineer to handle basic day-to-day work
  • More than 70%of dealers are not up to date on their anti-virus software

Highlights from the consumer survey include:

  • Nearly 33%of consumers are not confident in the security of their personal and financial data when making a purchase at a car dealership
  • Just under 84% of consumers will not go back to buy another car from a dealership after their data has been compromised

Dealerships should regularly conduct IT vulnerability scans, Windows security checks, provide online courses on networking, as well as implement a solid computer security policy. TDC conducts vulnerability scans by using independent “White Hat” hackers to discover a dealership’s cyber vulnerabilities and based on those vulnerabilities discovered, create policy.

“Car dealerships need to put procedures in place to help prevent cybersecurity attacks. We help dealers focus on social engineering and how not to fall victim to hacking,” continued Zanan. “As ever, our report turns a spotlight on the hot topic of data security, revealing the necessity of having strict policies and procedures in place that are being adhered to by all employees to ensure consumer confidence and loyalty.”

Posted in Auto Industry NewsComments Off on Over 80% Of Consumers Would Not Purchase A Car From Dealership With A Data Breach

Cyber Hacks Against SMBs on the Rise – What You Can Do

Cyber-attacks are on the rise, that’s no surprise. Cyber-attacks directed at small businesses, however, are also increasing, according to new data, reported FoxBusiness.

In fact, according to Symantec’ 2014 Internet Security Threat Report, one in five small-to-medium-sized (SMB) companies were the victims of cyber breaches in 2013. Plus, per a NetDiligence survey, the most common cause of a hack is due to a lost or stolen device, not an actual hacker.

Miller Newton, CEO of PKWARE – a data and smart encryption company, predicted four major hacks would take place between this year and last, and two have: corporate espionage (Sony) and a health-care breach (Anthem). Miller also predicts massive breaches in a pro-sports franchise and an infrastructure hack.

“Unfortunately, we know that history repeats itself,” Miller told FOXBusiness.com. “It takes a significant security breach for businesses and government to get serious about securing critical systems and information.”

His remedy?

“Unilaterally, security focus needs to shift from networks and devices to protecting information by armoring the data itself … as businesses and individuals, strengthening security will require vigilance, expense and even some inconvenience,” said Miller.

According to Ponemon Institute’s 2014 Cost of Data Breach Study, hack attacks in the United States cost on average $200 per record compromised. That same study says each breach typically involves some 29,000 records – roughly $5.8 million to cover that cost alone.

Tim Francis, enterprise and cyber lead at Travelers, said “there’s an under-appreciation of how vulnerable an SMB might be to a cyber-event.” His advice to SMBs is to be vigilant in the “pre-breach environment,” covering all bases when safeguarding against hackers.

“For a small business, they may not spend billions dealing with a breach, but there’s a higher risk they’ll be crippled so severely they’ll have to close their doors [after a breach],” Francis said.

Posted in Small Business TipsComments (0)

8 Essential Security Strategies for Small Businesses in 2015

In the past year a bevy of big-time companies like Sony, Target and Home Depot were hit with data breaches. Amid the chaos, it might be easy to overlook the fact small businesses are just as vulnerable if not more so than their large-cap counterparts, reported Fox Business.

Larger companies typically have stronger security measures in place to ward off intruders, but independent businesses often can’t afford these expensive protections. Either way, small businesses still have access to a vast trove of client information, which makes them ripe for hacks.

In fact, Hartford Steam Boiler (HSB) recently found more than half of all small- and mid-sized enterprises have been hacked at some point, and 72% of those affected by breaches were unable to restore the stolen data.

Fred Touchette, senior security analyst at AppRiver, which specializes in SMB security, has pinpointed eight essential strategies small businesses should implement to strengthen their data defenses.

1. Always Run Anti-Virus and Firewalls

“Firewalls are important as they typically act as the first line of defense against network attacks, while anti-virus solutions serve as a strong last line of defense,” Touchette says.

2. Update All Devices with the Latest Patches

“Attackers and researchers continually find vulnerabilities in software, and a patch, or hot fix, is designed to correct those security flaws,” Touchette explains. “And if unpatched software is left on a device, it makes it easier for an attacker to leverage them. The same rule applies to all software.”

3. Always Use Complex Passwords and Mix It Up

“Make sure your password is lengthy and has a healthy mix of symbols, characters, lowercase and uppercase letters,” he says, adding that using the same password across multiple sites and devices gives the attacker “immediate access” to everything. Therefore, “by utilizing different passwords for every account, the user is limiting the effectiveness of an attack to a single compromise.”

4. Protect Your Personal Information

“Remember, do not advertise sensitive information online,” Touchette warns. “Tighten your security settings on social media” by limiting the personal information (birth dates, addresses) you provide. “This information can be used to fuel custom attacks or [help decode] account security questions,” he says.

5. Be Mindful of Your Digital Foot Print

And be careful what you post online. Touchette says it’s best not to “post anything online that you wouldn’t want everyone in the world to see. Really.”

6. Only Visit Trusted Sites

“There are roughly 252 million registered domains and a large portion of those domains are malicious. Some are quite obvious while other, legitimate sites can be compromised to host malware within its pages,” he says. Sticking to well-known, established sites, the security expert adds, increases “the odds of staying safe online.”

7. Think Twice Before Opening Attachments

“This is a very, very common method for attackers to use — delivering malware straight to your inbox, which is both convenient and highly effective,” Touchette explains. “Do not click on an unsolicited link or open an attachment unless you know it is reputable.”

8. Review Financial Accounts Regularly for Suspicious Activity

“By monitoring accounts on a regular basis, you raise your chances of catching an attack before it causes too much damage … and possibly even catch the attacker,” he says.

Posted in Small Business TipsComments (0)

How to Protect Your Small Business Tech

Via Fox Business:

Antivirus software hasn’t been the saving grace for some time now, yet many small business owners think it is. As long as their antivirus software is up to date they assume they are in the clear. Not so.

Unfortunately the business of hacking has changed dramatically, putting small businesses in serious risk if they only rely on antivirus software.

“Antivirus from a technology perspective is dead because antivirus technology is a decade old,” says Greg Martin, chief executive of ThreatStream, a threat intelligence company. “The market shifted so much in terms of what the bad guys are using.”

Antivirus does have a place in an overall security plan, but thinking it’s all you need to protect your systems is foolish. The level of sophistication among computer hackers has increased dramatically requiring new tools and techniques to prevent a system from getting infiltrated. Most of the new attacks come in from the Web browser and use social engineering to get you to click on a link, whether it’s in an email or on a Website.

Not to mention the antivirus tools that are built directly into the Windows 7 and 8 operating systems as well as Apple’s OS makes purchasing a standalone antivirus software package pointless.

“Antivirus is for the common cold the new threat detection (software) is for the flu,” says Joe Loomis, Chief Executive of security company CyberSponse. “They will always sell common cold medicine over the counter but you also need the new antibiotics and remedies.”

For small businesses that have long relied on antivirus software for their protection they now have to do more. After all, if their computers are hacked and customer information is accessed, it could spell the end to the business.

One of the first things small business owners need to do, say security experts, is to ensure you have an up-to-date operating system that is fully patched — whether it’s from Microsoft or Apple. According to Martin, with the new operating systems security is built in and the updates are done automatically, so the business owner won’t have to do a lot of additional things to make sure the OS is secure

How you and your employees surf the Web also matters. Loomis says companies should treat Internet usage in the same way you deal with sexual harassment awareness. That means having clear policies in writing, hosting classes to reinforce the rules and holding employees who don’t follow them accountable.

He also says you need password policies on the books, and you must enforce the changing of them often. The passwords also have to be tough. It doesn’t hurt to block the use of social media during work hours unless it’s needed for the job.

“Security has to be taken seriously,” says Loomis. “It’s not just when it’s convenient and they can’t use the excuse they didn’t know.”

Martin also says small businesses owners have to stay on top of updating their Adobe Flash and/or Java.

“These things get targeted the most in modern cyber-attacks,” says Martin. “You have to make sure when a pop up to update Flash or Java appears that you click yes.”

Posted in Small Business TipsComments (0)

Eight Ways to Prevent a Data Breach

The nightmare of a security breach at your small business has become more of a possibility in recent years. Despite that trend, a majority of small businesses are not taking steps to try to prevent a data or security breach, new research has found.

According to the Verizon 2011 Data Breach Investigations Report, organizations with between 11 and 100 employees reported 436 data breaches last year – almost six times as many as organizations with between 101 and 1,000 employees.

That number, however, does not scare small business owners. Eighty-five percent of them said in a new survey, conducted for investment and insurance company The Hartford, that they believe a data breach is unlikely to happen to them. A majority of those business owners also said they are unlikely to put any measures in place to prevent such an attack.

“Most of the business owners surveyed believe they are not at risk, when in fact smaller businesses are increasingly being targeted,” said Lynn LaGram, assistant vice president of small commercial underwriting at The Hartford. “As cybercriminals set their sights on smaller firms, it is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach.”

Six in 10 small business owners acknowledge that a data breach would compromise relationships with customers. Additionally, 38 percent said they would have a negative opinion of companies that responded poorly to a breach.

There are several quick and easy steps that small business owners can take to prevent the possibility of a data breach, The Hartford noted. They include:

  • Locking and securing sensitive customer, patient or employee data
  • Restricting employee access to sensitive data
  • Shredding and securely disposing of customer, patient or employee data
  • Using password protection and data encryption
  • Having a privacy policy
  • Updating systems and software on a regular basis
  • Using firewalls to control access and lock out hackers
  • Ensuring that remote access to their company’s network is secure

“Given the potential business and reputational costs of a data breach, it’s also important for business owners to have insurance in place to help them respond and recover quickly and effectively in the event of a breach,” said LaGram.

The information in this research was based on the responses of more than 500 small business owners with fewer than 50 employees. The research was conducted by the Pert Group for The Hartford as a part of their Small Business Data Protection Survey.

This article was written by David Mielach and published in Foxbusiness.com.

Posted in Small Business TipsComments (0)