Protecting Your Business Against ID Fraud
PRESENTED BY JAMES HISEY II
PRESIDENT
MANAGEMENT INSIGHTS
A SCORE WORKSHOP
• Goals for our time together
  • Help prepare you and your business to defend against ID theft.
  • Give you some useful resources you can use to guard against ID fraud and to use when the business is attacked.
[Diagram: Understand why ID Fraud is such a big deal / Prepare the business / Protect the business / Respond when theft happens]
Many industry experts tell us it is not if but when your small business will be targeted by a cybercriminal
HAVING A PROCESS IN PLACE TO AVOID AND/OR MITIGATE CYBER CRIMES IS PARAMOUNT
Crooks love small businesses
• Small Businesses don’t believe they are at risk – this makes them an
  easy target
• They don’t have staff dedicated to keeping the company safe
• They often don’t have policies, processes and procedures to safeguard
  the business
• They often don’t have a culture that creates an awareness of the
  danger
• They don’t know what to do if a data breach or ID theft happens
Are you a target?
"Small businesses feel like they're immune from
cybercrime, and they're wrong. They are absolutely on
the list of potential targets of cybercriminals," said Larry
Ponemon, chairman of the Ponemon Institute.




You are at risk
A recent survey of executives at 500 U.S. companies of varying sizes found that 76% had had a cyber security incident within the past 12 months resulting in the loss of money, data, intellectual property or the ability to conduct day-to-day business, according to the Computing Technology Industry Association. About half of those cases were described by the businesses as "serious."
Most companies experience opportunity costs
 associated with a breach incident, which results
 from diminished trust or confidence by present
 and future customers. … the negative publicity
 associated with a data breach incident can often
 damage companies’ reputations… and [slow]
 new customer acquisitions. (Ponemon Institute
 Study, 2010)




You have a responsibility
The estimated cost of a data breach is $214 per record. It could cost an organization with 1,000 customers $214,000 and months to recover. This can strain the resources of even large organizations. For a small company the result could be devastating.
An Identity Theft happens when a
crook steals YOUR information
A Data Breach happens when a
crook steals your CUSTOMERS’
information
Identity theft and data breaches are types of ID Fraud
Both can happen for many reasons
• Accidents
  • Losing equipment
  • Hitting the send all button on an email with sensitive information
• Malicious attack
  • Hackers or Thieves
  • Viruses
• System Failures
  • Actual computer failures that lead to loss of data
  • Poor policy and lack of preparedness by the organization
An ID thief can be anybody from your trash collector to an employee to a cyber criminal
• Drivers licenses
• Credit cards
• Social Security numbers
• Passport
• Medical records
• Customer records
• Utility bills
• Intellectual property

Your car
Your office
Your trash
Your mailbox
Your phone
Your computers
Your network
Your people
Data Breaches
• Banking/Financial
• Business/Corporate
• Educational
• Government
• Medical/Healthcare

Hackers can enter your computer systems from the internet and steal information.
Employees could lose a laptop with company records on it.
Anybody with a thumb drive can steal information.
Thieves could break into your offices and steal records.
Thieves steal
from us using
the very things
we need to be in
business today
Where your company is vulnerable…
…and the list grows all the time as technology pushes forward
• Viruses
• SPAM
• Phishing
• Systems
• Lack of policies
• Lack of preparedness
• Lack of knowledge
• Your trash
• The phone
• Social Media
• The Cloud
• Your People
We are vulnerable on the Internet
Viruses and malware are computer programs - sometimes called malicious code - that are created to cause harm!
File Infectors: Attach themselves to programs and spread when you run the program
Boot Sector: Write themselves into the computer’s memory when you start it
Trojan Horses: Act like legitimate programs
Macro Virus: Attach themselves to documents, email, websites, pictures and anything else you might open on the internet
What to Expect if Infected…
Viruses and their relatives can and do:
• Delete files
• Wipe your hard drive clean
• Email confidential information to crooks
• Cause your computer to attack other computers
• Make it impossible for you to use the machine
Viruses have lots of names
                    DoS attack - denial of service
                    RootKit
                    Drive by download
                    Key logger
                    Malware
                    Adware
                    Trojan
                    Botnet
                    Spyware
DoS Attack
Denial of Service and DDoS distributed denial of service attacks
• Denial of service attacks are designed to crash your website, your server or your network
• Crooks flood the website with so many requests for pages that the server can’t respond and crashes
RootKit
A rootkit commands and controls the computer without your knowledge
• A rootkit gives the crook access to all your folders and files, things like your address book, and your customer records
• It runs with administrator privileges
• Rootkits hide from your antivirus software on the operating system
• They also hide other programs like malware, bots and worms
• They can be hard to remove
• They can be hard to detect
• They can create logs about your computer usage
Key Logger
Key loggers can record all of your keystrokes or even respond when you visit a banking website and enter your user name and password
• Key loggers are really good at stealing user names and passwords
• Common sources of key loggers are file sharing networks, online gaming sites, fake greeting cards sent via email
• A key logger may also install rootkits or other programs on your computer
• There are hardware key loggers that can be installed on a computer
Adware
Adware are programs that launch pop ups and other advertisements
• Adware can be downloaded automatically and without your knowledge by some websites or free programs
• Adware can redirect your browser to another site - more often than not, one you don’t want to visit
• Adware crooks can take advantage of misspelled URLs to take you to a drive by website
How to protect your company from viruses
Having processes and standard procedures – that are understood and adopted by all staff relating to all of these activities - is a critical first step – these are a great place to start!
• Back up your data
• Purchase an antivirus software package
• Be sure you have a firewall in place
• Update your software
• Use secure passwords with the ability to change them periodically
• Don’t respond to emails unless you know who sent them
• Don’t click on links
• Do a full anti-virus scan on all of your computers on a regular basis
Hackers/Drive by Downloads
Hackers install software that downloads automatically when you visit an infected website
• All you have to do is visit the site
• It is not just “those websites”
• Legitimate websites can be infected. Celebrity sites that downloaded malicious code were in the news recently
• There are ways to trace your steps
You may be amazed at who gets notified when you visit a website
Collusion is a browser add on that graphs what happens when you visit a website
How to protect yourself from drive by downloads
• Be sure your firewall is on
• Consider a third party firewall
• Never click on links where people other than the owner have posted them – blogs, chat rooms
• Use latest NON Beta browsers
• Don’t install plug ins or add-ons that you don’t know
• Be careful about downloading software.
SPAM
You really can thank Monty Python
• SPAM is all that junk e-mail you get
• It is sent out en masse and spammers make money from the small percentage of people who respond
• SPAM can - and sometimes does - spread malicious code
How do crooks get my email in the first place?
Or phone number, etc.
• They buy them
  • 30 million Hotmail addresses go for $450
  • 5 million Gmail addresses go for $350
• If your Internet service provider won’t let you send 5 million emails at once, crooks can buy that service too
How do crooks get my email in the first place?
Or phone number, etc.
• You provide them yourself
  • Sign up for newsletters
  • Facebook, Google+
  • Amazon
  • LinkedIn
  • Online banking
  • Go paperless
  • Your Internet service provider
  • All of those countless people and companies that ask you for your address
How to protect your company from SPAM
Don’t ever click on links or attachments included in e-mail unless you know for certain who sent them. Even if you know the person be wary and find out if they actually sent the email before you reply or click
• Use multiple email addresses
  • One for your business: jhisey@management-insights.com
  • One for your personal mail: hiseyii@gmail.com
  • You could have a “subscriber” email and use it to register in public forums, chat rooms, mailing lists etc.
• Don’t click un-subscribe links or respond to spam. When you do the spammer knows you are a real person and you will get even more.
• Use an ISP that provides SPAM filters – most do nowadays.
• If your private address is discovered – change it
• Make sure your web browser is up to date
Phishing
Phishing tricks you into giving away your personal or company information. Sometimes it is called social engineering
• Phishing tricks you into giving away your personal information by creating a fake replica of a real company website
• Phishers are all those people who want to send you $1 million from their uncle in Nicaragua
• Phishers are the friends of yours who send an email from the far east saying they are stranded and need you to send them money
• Phishers are not all on the internet. Those phone calls from the “credit information” service are phishing too
This is a real example of a phishing expedition
So when you click you are taken here
The crook’s website is no longer there
This is the
real CitiBank
website


  Notice the real
  address is in
  bold
  And that the
  lock sign is
  there
Here is a Phishing
attempt my wife
received

Looks real until you
check the return
address and the foreign
alphabet after the ID
summary
How to protect yourself from Phishing
This is especially important if someone is asking you for bank information
• Look for the lock symbol in the address
• Report anything suspicious to your bank
• Don’t complete a form in an email message that asks for personal information
• Be sure the HTTPS:// is in the internet address
• Don’t use an email message to load the web page. Type in the address yourself
• Check your accounts regularly
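The checks from the phishing slides above (return address, non-Latin characters in an address, HTTPS, where a link really goes, forms inside a message), written as an added example that is not part of the original presentation. The sample message, its domain names and the `triage` helper are constructed for illustration, and the caller is assumed to know the real domain of the organization the message claims to come from.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: every name, address and URL below is made up.
SAMPLE = """\
From: "Example Bank" <alerts@examplebank.test>
Reply-To: helpdesk@examp1ebank-support.test
Subject: Verify your account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Please confirm your details:</p>
<a href="http://login.examplebank.test.secure-check.test/verify">https://www.examplebank.test/login</a>
<a href="https://www.examplebank.test/help">Help centre</a>
<form action="http://203.0.113.7/collect"><input name="ssn"></form>
</body></html>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs and the action of every <form>."""

    def __init__(self):
        super().__init__()
        self.links, self.forms = [], []
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._href, self._text = attrs["href"], []
        elif tag == "form":
            self.forms.append(attrs.get("action") or "")

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def domain_of(header_value):
    """Domain part of an address header, lowercased ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def host_of(url):
    """Hostname of a URL, lowercased ('' if it has none)."""
    return (urlsplit(url).hostname or "").lower()


def shown_host(text):
    """Host that the visible link text claims, if the text looks like a URL."""
    if " " in text or "." not in text:
        return ""
    return host_of(text if "://" in text else "//" + text)


def is_idn(host):
    """True when a host uses non-ASCII characters or their punycode form."""
    return not host.isascii() or any(p.startswith("xn--") for p in host.split("."))


def triage(raw_message, trusted_domain):
    """Return (code, detail) findings for one raw e-mail message."""
    msg = message_from_string(raw_message)
    findings = []
    sender = domain_of(msg["From"])
    for header in ("From", "Reply-To", "Return-Path"):
        domain = domain_of(msg[header])
        if domain and domain != sender:
            findings.append(("reply-mismatch", f"{header}: {domain} is not {sender}"))
        if is_idn(domain):
            findings.append(("idn", f"{header}: {domain}"))
    html = ""
    for part in msg.walk():  # also yields the message itself when not multipart
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            html += part.get_payload(decode=True).decode(charset, "replace")
    page = LinkCollector()
    page.feed(html)
    if page.forms:
        findings.append(("form", "message asks you to fill in a form"))
    for href, text in page.links + [(action, "") for action in page.forms]:
        host = host_of(href)
        if not host:
            continue
        if urlsplit(href).scheme != "https":
            findings.append(("not-https", href))
        if host != trusted_domain and not host.endswith("." + trusted_domain):
            findings.append(("untrusted-host", host))
        if shown_host(text) and shown_host(text) != host:
            findings.append(("text-mismatch", f"shows {shown_host(text)}, goes to {host}"))
        if is_idn(host):
            findings.append(("idn", host))
    return findings


if __name__ == "__main__":
    for code, detail in triage(SAMPLE, "examplebank.test"):
        print(f"{code:15} {detail}")
```

The first link in the sample starts with the bank's name but ends in a different domain, which is why the check compares the end of the host name rather than looking for the name anywhere in it.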
Social Media
Secure Passwords are a major way to protect your identity on social media sites
You want customers and those you don’t know are customers to find you
You DON’T want people to change your profile
• Facebook, LinkedIn, YouTube, Twitter and more are all important ways to network and grow your business
• As we put more and more information online it makes it easier for our customers and potential customers to find us
• Our information also opens opportunities for theft
Social Media - Meet my “friend” JoergR

JeorgR sent me this email

I didn’t think I knew him but he
looked sort of familiar and I was
curious

Clicking on the link was a BAD idea

Fortunately my virus protection
software caught the virus before any
harm was done
Social Media
You can change what people see on
your public profile
The Cloud
More and more companies are offering to keep your information on their servers
• Dropbox
• iCloud
• Google
• Microsoft
• Amazon
The Cloud
Safety and privacy is a concern
• Dropbox
• iCloud
• Google
• Microsoft
• Amazon

• Cloud computing is the wave of the future
• The question is do you want to have someone else have all of your important business information on their computer
• Actually you probably have a lot of information in the cloud already
  • Email, music, on line backups
• You need to know how your data is being secured and what measures the service provider takes to ensure the integrity and availability of that data should the unexpected occur
• Use secure passwords
Systems Security
THERE IS A LOT YOU CAN DO TO PROTECT YOUR COMPUTER SYSTEMS
Firewalls
Firewalls control what programs
can communicate with your
computer
Secure your web browser
• Add ins
• Plug Ins
• Security Settings
• InPrivate
Pop Up Blockers
Control those unwanted ads and
websites that “Pop UP” when you
visit the main site. Even MSNBC
uses pop ups
Privacy settings control which pop
ups are allowed
Plug Ins, Add Ins and their relatives

This is software that increases
the functionality of a larger
program. For example, a plug in
allows your web browser to play
videos
Some are gateways for malware
There are ways to disable plug
ins and add ins
How to create a secure password
Size does matter
A 6 letter alpha numeric password can be cracked in 0.0000224 seconds
A 10 letter alpha numeric password can take weeks to crack
• Make passwords you can remember but are hard to guess. Not your kids’ names, not your birthday, not a real word
• Mix upper and lowercase letters, numbers and punctuation marks
• Don’t use the same password on all of your accounts. If a hacker cracks one they have them all
• Use a phrase – !amcO1dt@day
• Use Padding – C@t$$$$$$$$$$$$$$$
• Change your passwords often, but don’t recycle them East1port, West2port, South3port
• Don’t tell anyone your password! If you have to give it out, change it right away
Password Managers
Password Managers keep track of all of your passwords... You may find them useful
• So you have all of these fancy secure passwords, but if you are like me you can’t remember them when you need them.
• A Password Manager remembers them all for you and signs you in automatically.
• They will generate secure passwords
• All you have to do is remember 1 password.
• PC Magazine rates some of the best -
  • Dashlane 1.1
  • Kaspersky Password Manager
  • LastPass 2.0
How do you know if your computer is infected
It is not always easy to tell
• Your computer starts behaving strangely
• Unexpected sounds or messages
• Programs that start all by themselves
• You get a firewall warning
• System errors
• Computer won’t start
• Blue screen of death
• The hard drive access light keeps running
• Web browser won’t let you close a window
• Programs or controls no longer work
What to do with a computer that has a virus
It is not always easy to tell
• Disconnect from the internet
• Try loading the operating system in “safe mode”
• Boot from a rescue CD
• If the computer starts do a complete scan using your antivirus software. If the virus scan finds nothing you may not have a virus
• Remove any unlicensed/trial software
• Remove all of those junk files you have
• Be sure you have the latest software updates installed
• If the computer was compromised and data was breached don’t turn it off
We are vulnerable – Dumpsters and more

Don’t forget that
the internet is not
the only place your
data can be
breached
Protect physical records from prying eyes
• Use a shredder
• Keep files locked
• Secure your mail boxes
• Use passwords on your computers’ screensaver
Preparedness Plan
If a breach occurs there is a lot to do. These are the things you need to consider across your business
It takes a whole company to protect the business
In a small organization managing all of these functions may rest on just one or two people
• Leadership to provide direction and resources
• Secure the computer systems
• Familiarity with changing state and federal notification requirements
• Notifying the media and keeping track of how a breach may affect the business
• Training employees and making them aware of how to protect themselves and the organization
• Notifying and engaging law enforcement should a theft occur
• Working with a theft and data breach resolution provider to handle escalation, tracking, notification and call center services for those affected by the breach
Make fraud preparedness a priority
Make sure everyone in the company knows what to do
• Have data security and mobile device policies and keep them current
• Communicate those policies to everyone
• Limit the type of data an employee can access based on job requirements
• Review the plan annually
Make fraud preparedness a priority
Put your team together
Train everybody
Practice – just like a fire drill
• Choose an Incident leader
  • Manages the company’s overall response and team
  • Is the intermediary between executives and the team
  • Reports problems and progress
  • Identifies key tasks, timelines, documents and reports the theft and its solution
  • Proposes the ID Fraud budget required to remedy
  • Summarizes required steps
  • Updates contact lists
  • Assures key personnel are trained
  • Reviews the organization’s response to make the next time function better
Are you ready?
• Internet access
• Email
• Preparedness is a priority
• Restricted use of thumb drives
• Laptops are encrypted
• Mobile devices
• Data access limited to those who need to know
• Best practices followed by the entire organization
• Regular bank and credit card account monitoring
Are you Ready – Look at your legal obligations
• Work with your attorney to be sure you meet your industry reporting obligations for the type of data that was stolen
• Review who needs to be contacted
  • Customers
  • Employees
  • Media
  • Regulators
  • Agencies
• If notifications are required, be sure they are sent within the required timeline
• Never send Social Security Numbers or other sensitive information to vendors supporting your breach rectification efforts
Are you ready? Quarterly
1. Update the data breach response team contact list
2. Review your response plan to be sure it is comprehensive
3. Review notification requirements
4. Evaluate your Information Technology Security
5. Be sure third parties that have access to your data use best practices
6. Review your vendor contracts to assure they continue to match your requirements
What to do if there is a breach
What to do first
The breach or theft is “discovered”
1. Note the date and time the theft occurred or you found out about it
2. Engage the response team
3. Preserve evidence by securing the place where the theft occurred
4. Take affected machines offline to stop additional harm but DON’T turn them off
5. Document, document, document
6. Determine what the risk is overall and prioritize next steps
7. Notify your vendors
8. Bring in the police
Work with your team to find out more about what happened
• What counter measures were in place when the theft occurred
• Was the data encrypted
• Review backups and other information that was preserved to find out as best you can what was taken
• Begin the process to determine who was affected and the extent of it
• Put together names and addresses so they can be notified
Fix the cause of the problem
• Find and delete the virus or other tools the hacker used to get the data
• Clean the affected machines before you put them back on line
• Find and fix security gaps or other risks
• Do the best you can to ensure that the type of breach does not happen again
• Document the who, what, when, how and why of the breach or theft
Resources
There are tons of information out there about ID Fraud
• Microsoft malicious software removal tool
• Microsoft Safety and Security Center
• Your computer manufacturer
• Your software manufacturer
• Your ISP
• Google
• Virus definition directory
• Build a list of trusted sites
• ID theft resource center
ID Theft Protection Services
NXG Strategies
Lifelock
ProtectMY ID
Trusted ID
• Credit Monitoring
• Credit Reports
• Credit Scores
• Internet Monitoring
• Alerts
• Public Records Monitoring
• Software
• Lost Wallet
• Insurance / Guarantee
• Call Center
• Guidance and advice
Summary
Protecting the business against theft requires all of these things
• Knowledge
• Systems
• People
• Policies
• Plans
• Partners
I asked someone once what is the most important thing you need to have a successful business. He said “You need it all.”
ID theft protection is part of the requirement.
There is a lot to learn but you are not alone
SCORE
Management Insights
At the end of the day it is the right thing to do!

• Knowledge
• Systems
• People
• Policies
• Plans
• Partners
• Power

• Your computers and your business will run better
• Your business will be more secure
• You will have more time to do the important things
• You will save money
• You are fighting evil
• You will sleep at night
• You are being a proactive business owner
• You will know enough to finally understand what the IT people are talking about a little better
• You will have more power over your enemies
• You will have done all you can to protect your business against a real and present danger
• You will meet some really cool people who have your back
Questions
How did we do?
James Hisey II
President
Management Insights LLC
384 Ronald Drive
Fairfield, CT 06825
203-307-5123
jhisey@management-insights.com

Thank you!

Protecting Your Small Business Against ID Fraud

  • 1. Protecting Your Business Against ID Fraud P R E SE NT ED B Y J A ME S HI S E Y I I P R E SIDENT MA NAG E ME NT INS I G HT S
  • 2. A SCORE WORKSHOP • Goals for our time together • Help prepare you and your business to defend against ID theft. • Give you some useful resources you can use to guard against ID fraud and to use Understand when the business is attacked. Protect the why ID business Fraud is such a big deal Prepare the business Respond when theft happens
  • 3. Many industry experts tell us it is not if but when your small business will be targeted by a cybercriminal HAVING A PR O CE S S I N P L ACE TO AVO I D A ND / O R MI T I G AT E CY B E R CR I ME S I S PA R A MO U NT
  • 4. Crooks love small businesses • Small Businesses don’t believe they are at risk – this makes them an easy target • They don’t have staff dedicated to keeping the company safe • They often don’t have policies, processes and procedures to safeguard the business • They often don’t have a culture that creates an awareness of the danger • They don’t know what to do if a data breach or id theft happens
  • 5. Are you a target?
  • 6. "Small businesses feel like they're immune from cybercrime, and they're wrong. They are absolutely on the list of potential targets of cybercriminals," said Larry Ponemon, chairman of the Ponemon Institute. A recent survey of executives at 500 U.S. companies of varying sizes found that 76% had had a cyber security You are at risk incident within the past 12 months resulting in the loss of money, data, intellectual property or the ability to conduct day-to-day business, according to the Computing Technology Industry Association. About half of those cases were described by the businesses as "serious."
  • 7. Most companies experience opportunity costs associated with a breach indecent, which results from diminished trust or confidence by present and future customers. … the negative publicity associated with a data breach incident can often damage companies’ reputations… and [slow] new customer acquisitions. (Ponemon Institute Study, 2010) The estimated cost of a data breach is $214 You have a per record. It could cost an organization with 1,000 customers $214,000 and months to recover. This can strain the responsibility resources of even large organizations. For a small company the result could be devastating.
  • 8. An Identity Theft happens when a crook steals YOUR information A Data Breach happens when a crook steals your CUSTOMERS’ information
  • 9. • Accidents Identity theft • Losing equipment and data • Hitting the send all button on an email with sensitive information breaches are • Malicious attack types of ID • Hackers or Thieves Fraud • Viruses • System Failures Both can happen for many reasons • Actual computer failures that lead to loss of data • Poor policy and lack of preparedness by the organization
  • 10. An ID thief can • Drivers licenses be anybody from • Credit cards your trash • Social Security numbers collector to an • Passport employee to a cyber criminal • Medical records • Customer records Your car • Utility bills Your office Your trash • Intellectual property Your mailbox Your phone Your computers Your network Your people
  • 11. • Banking/Financial • Business/Corporate • Educational • Government • Medical/Healthcare Hackers can enter your computer systems from the internet and steal information. Employees could lose a laptop with company records on it. Anybody with a thumb drive can Data Breaches steal information. Thieves could break into your offices and steal records.
  • 12. Thieves steal from us using the very things we need to be in business today
  • 13. • Viruses • SPAM • Phishing • Systems • Lack of policies • Lack of preparedness • Lack of knowledge Where your • Your trash company is • The phone vulnerable… • Social Media …and the list grows all the time as • The Cloud technology pushes forward • Your People
  • 14. We are vulnerable on the Internet File Infectors: Attach themselves to programs and spread when you run the program Viruses and malware are Boot Sector: Write themselves into the computer’s memory when you start it computer programs - sometimes called Trojan Horses: Act like legitimate programs malicious code - Macro Virus: Attach themselves to that are created to documents, email, websites, pictures and cause harm! anything else you might open on the internet
  • 15. What to Expect if Infected… • Delete files • Wipe your hard drive clean Viruses and their • Email confidential information to crooks relatives • Cause your computer to attack other computers can and do: • Make it impossible for you to use the machine
  • 16. Viruses have lots of names DoS attack - denial of service RootKit Drive by download Key logger Malware Adware Trojan Botnet Spyware
  • 17. • Denial of service attacks are designed to crash your website, your server or your network • Crooks flood the website with so many requests for pages that the server can’t respond and crashes DoS Attack Denial of Service and DDoS distributed denial of service attacks
  • 18. • A rootkit gives the crook access to all your folders and files, things like your address book, and your customer records • It runs with administer privileges • Rootkits hide from your antivirus software on the operating system • They also hide other programs like malware, bots and worms • They can be hard to remove RootKit • They can be hard to detect A rootkit commands and controls the computer without your knowledge • They can create logs about your computer usage
  • 19. • Key loggers are really good at stealing user names and passwords • Common sources of key loggers are file sharing networks, online gaming sites, fake greeting cards sent via email • A key logger a may also install root kits or other programs on your computer • There are hardware key loggers that can be Key Logger installed on a computer Key loggers can record all of your keystrokes or even respond when you visit a banking website and enter your user name and password
  • 20. • Adware can download automatically and without your knowledge by some websites or free programs • Adware can redirect your browser to another site - more often than not, one you don’t want to visit • Adware crooks can take advantage of misspelled URL’s to take you to a drive by website Adware Adware are programs that launch pop ups and other advertisements
  • 21. • Back up your data • Purchase an antivirus software package How to protect • Be sure you have a firewall in place your company • Update your software from viruses • Use secure passwords with the ability to change them periodically • Don’t respond to emails unless you know who sent them Having processes and standard procedures – that are understood and • Don’t click on links adopted by all staff relating to all of these activities - is a critical first step • Do a full anti-virus scan on all of your – these are great place to start! computers on a regular basis
  • 22. • All you have to do is visit the site • It is not just “those websites” • Legitimate websites can be infected. Celebrity sites that down loaded malicious code were in the news recently • There are ways to trace your steps Hackers/Drive by Downloads Hackers install software that downloads automatically when you visit an infected website
  • 23. You may be amazed at who gets notified when you visit a website
  • 24. Collusion is a browser add on that graphs what happens when you visit a website
  • 25. • Be sure your firewall is on • Consider a third party firewall • Never click on links where people other than the owner have posted them – blogs, chat rooms How to protect yourself from • Use latest NON Beta browsers drive by • Don’t install plug ins or add-ons that you don’t know downloads • Be careful about downloading software.
  • 26. • SPAM is all that junk e-mail you get • It is sent out in mass and spammers make money from the small percentage of people who respond • SPAM can - and sometimes does - spread malicious code SPAM You really can thank Monty Python
  • 27. • They buy them • 30 million Hotmail addresses go for $450 • 5 million Gmail addresses go for $350 • If your Internet service provider won’t let you send 5 million emails at once, crooks can buy that service too How do crooks get my email in the first place? Or phone number, etc.
  • 28. • You provide them yourself • Sign up for newsletters • Facebook, google+ • AMAZON • LinkedIn • Online banking • Go paperless How do crooks • Your Internet service provider get my email in • All of those countless people and companies that ask the first place? you for your address Or phone number, etc.
  • 29. • Use multiple email addresses • One for your business: jhisey@management- insights.com • One for your personal mail: hiseyii@gmail.com • You could have a “subscriber” email and use it to register in public forums, chat rooms, mailing lists etc. • Don’t click un-subscribe links or respond to How to protect spam. When you do the spammer knows you are a real person and you will get even more. your company from SPAM • Use an ISP that provides SPAM filters – most do now days. Don’t ever click on links or attachments included in e-mail unless • If your private address is discovered – change it you know for certain who sent them. Even if you know the person be wary and find out if they actually sent the • Make sure your web browser is up to date email before you reply or click
  • 30. • Phishing tricks you into giving away your personal information by creating a fake replica of a real company website • Phishers are all those people who want to send you $1 million from their uncle in Nicaragua • Phishers are the friends of yours who send an email from the far east saying they are stranded and need you to send them money Phishing • Phishers are not all on the internet. Those phone calls from the “credit information” Phishing tricks you into giving away service are phishing too your personal or company information. Sometimes it is called social engineering
  • 31. This is a real example of a phishing expedition So when The crook’s you click website is no your are longer there taken here
  • 32. This is the real CitiBank website Notice the real address is in bold And that the lock sign is there
  • 33. Here is a Phishing attempt my wife received Looks real until you check the return address and the foreign alphabet after the ID summary
  • 34. • Look for the lock symbol in the address • Report anything suspicious to your bank • Don’t complete a form in an email message that asks for personal information • Be sure the HTTPS:// is in the internet address How to protect • Don’t use an email message to load the web yourself from page. Type in the address yourself Phishing • Check your accounts regularly This is especially important if someone is asking you for bank information
  • 35. • Facebook, LinkedIn, YouTube, Twitter and more are all important ways to Social Media network and grow your business • As we put more and more information Secure Passwords are a major online it makes it easier for our way to protect your identity on customers and potential customers to social media sights find us • Our information also opens You want customers and those you don’t know are customers opportunities for theft to find you You DON’T want people to change your profile
  • 36. Social Media - Meet my “friend” JoergR JeorgR sent me this email I didn’t think I knew him but he looked sort of familiar and I was curious Clicking on the link was a BAD idea Fortunately my virus protection software caught the virus before any harm was done
  • 37. Social Media You can change what people see on your public profile
  • 38. • Drop Box • ICloud • Google • Microsoft • Amazon The Cloud More and more companies are offering to keep your information on their servers
  • 39. • Drop Box • ICloud • Cloud computing is the wave of the future • Google • The question is do you want to have someone else have all of your important business information on • Microsoft their computer • Amazon • Actually you probably have a lot of information in the cloud already • Email, music, on line backups • You need to know how your data is being secured and what measures the service provider takes to The Cloud ensure the integrity and availability of that data Safety and privacy is a concern should the unexpected occur • Use secure passwords •
  • 40. Systems Security T HE R E IS A LOT YO U CA N D O TO P R OT E CT YO U R CO MP U T ER S Y S T E MS
  • 41. Firewalls Firewalls control what programs can communicate with your computer
  • 42. • Add ins • Plug Ins • Security Settings • InPrivate Secure your web browser
  • 43. Pop Up Blockers Control those unwanted ads and websites that “Pop UP” when you visit the main site. Even MSNBC uses pop ups Privacy settings control which pop ups are allowed
  • 44. Plug Ins and Add Ins their relatives This is software that increases the functionality of a larger program. For example, a plug in allows your web browser to play videos Some are gateways for malware There are ways to disable plug ins and add ins
  • 45. • Make passwords you can remember but are hard to guess. Not your kids names, not your birthday, not a real word • Mix upper and lowercase letters, numbers and punctuation marks • Don’t use the same password on all of your accounts. If a hacker cracks one they have them all • Use a phrase – !amcO1dt@day How to create a • Use Padding – C@t$$$$$$$$$$$$$$$ secure password • Change your passwords often, but don’t recycle Size does matter them East1port, West2port, South3port A 6 letter alpha numeric password can • Don’t tell anyone your password! If you have to give be cracked in 0.0000224 seconds it out, change it right away A 10 letter alpha numeric password can take weeks to crack
  • 46. Password Managers
    Password Managers keep track of all of your passwords... You may find them useful
    • So you have all of these fancy secure passwords but if you are like me I can’t remember them when I need them.
    • A Password Manager remembers them all for you and signs you in automatically.
    • They will generate secure passwords
    • All you have to do is remember 1 password.
    • PC magazine rates some of the best:
      • Dashlane 1.1
      • Kaspersky Password Manager
      • Last Pass 2.0
  • 47. How do you know if your computer is infected
    It is not always easy to tell
    • Your computer starts behaving strangely
    • Unexpected sounds or messages
    • Programs that start all by themselves
    • You get a firewall warning
    • System errors
    • Computer won’t start
    • Blue screen of death
    • The hard drive access light keeps running
    • Web browser won’t let you close a window
    • Programs or controls no longer work
  • 48. What to do with a computer that has a virus
    It is not always easy to tell
    • Disconnect from the internet
    • Try loading the operating system in “safe mode”
    • Boot from a rescue CD
    • If the computer starts do a complete scan using your antivirus software. If the virus scan finds nothing you may not have a virus
    • Remove any unlicensed/trial software
    • Remove all of those junk files you have
    • Be sure you have the latest software updates installed
    • If the computer was compromised and data was breached don’t turn it off
  • 49. We are vulnerable – Dumpsters and more
    Don’t forget that the internet is not the only place your data can be breached
  • 50. Protect physical records and prying eyes
    • Use a shredder
    • Keep files locked
    • Secure your mail boxes
    • Use passwords on your computers’ screensaver
  • 52. It takes a whole company to protect the business
    In a small organization managing all of these functions may rest on just one or two people
    If a breach occurs there is a lot to do. These are the things you need to consider across your business:
    • Leadership to provide direction and resources
    • Secure the computer systems
    • Familiarity with changing state and federal notification requirements
    • Notifying the media and keeping track of how a breach may affect the business
    • Training employees and making them aware of how to protect themselves and the organization
    • Notifying and engaging law enforcement should a theft occur
    • Working with a theft and data breach resolution provider to handle escalation, tracking, notification and call center services for those affected by the breach
  • 53. Make fraud preparedness a priority
    Make sure everyone in the company knows what to do
    • Have data security and mobile device policies and keep them current
    • Communicate those policies to everyone
    • Limit the type of data an employee can access based on job requirements
    • Review the plan annually
  • 54. Make fraud preparedness a priority
    Put your team together. Train everybody. Practice – just like a fire drill
    • Choose an Incident leader
      • Manages the company’s overall response and team
      • Is the intermediary between executives and the team
      • Reports problems and progress
      • Identifies key tasks, timelines, documents and reports the theft and its solution
      • Proposes the ID Fraud budget required to remedy
      • Summarizes required steps
      • Updates contact lists
      • Assures key personnel are trained
      • Reviews the organization’s response to make the next time function better
  • 55. Are you ready?
    • Internet access
    • Email
    • Preparedness is a priority
    • Restricted use of thumb drives
    • Laptops are encrypted
    • Mobile devices
    • Data access limited to those who need to know
    • Best practices followed by the entire organization
    • Regular bank and credit card account monitoring
  • 56. Are you Ready – Look at your legal obligations
    • Work with your attorney to be sure you meet your industry reporting obligations for the type of data that was stolen
    • Review who needs to be contacted
      • Customers
      • Employees
      • Media
      • Regulators
      • Agencies
    • If notifications are required be sure they are sent within the required timeline
    • Never send Social Security Numbers or other sensitive information to vendors supporting your breach rectification efforts
  • 57. Are you ready? Quarterly
    1. Update the data breach response team contact list
    2. Review your response plan to be sure it is comprehensive
    3. Review notification requirements
    4. Evaluate your Information Technology Security
    5. Be sure third parties that have access to your data use best practices
    6. Review your vendor contracts to assure they continue to match your requirements
  • 58. What to do if there is a breach
  • 59. What to do first
    The breach or theft is “discovered”
    1. Note the date and time the theft occurred or you found out about it
    2. Engage the response team
    3. Preserve evidence by securing the place where the theft occurred
    4. Take affected machines offline to stop additional harm but DON’T turn them off
    5. Document, document, document
    6. Determine what the risk is overall and prioritize next steps
    7. Notify your vendors
    8. Bring in the police
  • 60. Work with your team to find out more about what happened
    • What countermeasures were in place when the theft occurred
    • Was the data encrypted
    • Review backups and other information that was preserved to find out as best you can what was taken
    • Begin the process to determine who was affected and the extent of it
    • Put together names and addresses so they can be notified
  • 61. Fix the cause of the problem
    • Find and delete the virus or other tools the hacker used to get the data
    • Clean the affected machines before you put them back on line
    • Find and fix security gaps or other risks
    • Do the best you can to ensure that the type of breach does not happen again
    • Document the who, what, when, how and why of the breach or theft
  • 62. Resources
    There are tons of information out there about ID Fraud
    • Microsoft malicious software removal tool
    • Microsoft Safety and Security Center
    • Your computer manufacturer
    • Your software manufacturer
    • Your ISP
    • Google
    • Virus definition directory
    • Build a list of trusted sites
    • ID theft resource center
  • 63. ID Theft Protection Services
    NXG Strategies, Lifelock, ProtectMY ID, Trusted ID
    • Credit Monitoring
    • Credit Reports
    • Credit Scores
    • Internet Monitoring
    • Alerts
    • Public Records Monitoring
    • Software
    • Lost Wallet
    • Insurance / Guarantee
    • Call Center
    • Guidance and advice
  • 65. Protecting the business against theft requires all of these things
    • Knowledge
    • Systems
    • People
    • Policies
    • Plans
    • Partners
    I asked someone once what is the most important thing you need to have a successful business. He said “You need it all.”
    ID theft protection is part of the requirement. There is a lot to learn but you are not alone.
    SCORE Management Insights
  • 66. At the end of the day it is the right thing to do!
    Knowledge, Systems, People, Policies, Plans, Partners, Power
    • Your computers and your business will run better
    • Your business will be more secure
    • You will have more time to do the important things
    • You will save money
    • You are fighting evil
    • You will sleep at night
    • You are being a proactive business owner
    • You will know enough to finally understand what the IT people are talking about a little better
    • You will have more power over your enemies
    • You will have done all you can to protect your business against a real and present danger
    • You will meet some really cool people who have your back
  • 68. How did we do?
  • 69. James Hisey II President Management Insights LLC 384 Ronald Drive Fairfield, CT 06825 203-307-5123 jhisey@management-insights.com Thank you!