How to Avoid Becoming the Next Data Security Cautionary Tale

security_cautionary_tale

Data security isn’t a matter to be taken lightly, as too many businesses have found out the hard way. Unfortunately, there are far too many simple ways to correct common security issues – enough that it’s foolish not to do so. We’ll review a few ways to fix security issues, after discussing one of, if not the, most egregious security failings in modern history.

The Equifax Problem

Sometime between May and July of 2017, the credit-reporting giant Equifax suffered a massive data breach that, as of this writing, exposed 148.1 million records containing the personally identifiable information of their customers. In other words, this breach exposed the data of almost half of the population of the United States of America.

In the aftermath of the Equifax data breach scandal, former CEO Richard Smith was cross-examined by Congress. Upon hearing Smith’s defense of “human and technology errors,” Chairman of the House energy and commerce committee Greg Walden quipped, “I don’t think that we can pass a law that fixes stupid.”

How to Fix Your Business’ Security

While Walden may be correct that stupid can’t be fixed by legislation, it may be able to be mitigated through the faithful enforcement of certain standards and practices. These standards should be enforced both on an organizational level, and on a case-by-case, personal basis.

First, let’s review what you should enforce in your organization:

  1. Compliance should be the baseline – Unfortunately, compliance with regulations often does not equal true data security. Instead of looking at compliance as being the ultimate goal for your business, consider it the first step to your business security strategy.
  2. Vulnerabilities need to be promptly remediated – It is astounding that so many exploits rely on known vulnerabilities… a full 99 percent of them.  Furthermore, other attack vectors often utilize vulnerabilities that are a half a year old at least. Patching these vulnerabilities as soon as possible will help cut down on threats to your business’ data and infrastructure. 
  3. Data security needs to be centralized, organized, and assigned – While security should be a shared responsibility throughout the company, there needs to also be someone taking lead and accepting responsibility for ensuring that data is properly distributed in a secure fashion. Part of this responsibility should be to implement access controls, ensuring that the data only can spread to whomever it needs to and no one else.

Encouraging Your Employees’ Security

Of course, your employees are largely in control of how secure your company remains. This could be a bad thing, unless they are also held to certain best practices that keep data, and the accounts that can access it, secure. There are a few basic rules you can enforce among your staff to help encourage them to act securely.

  1. Lazy credential habits – There are a variety of behaviors to adopt that can better protect the accounts and solutions that your employees have. First of all, the classic password problem: reusing the same password for every account. If one or more of your employees does this, each one is essentially creating a master key that someone could use to access everything in their life, including your data. Neglecting to set a passcode of some sort for a mobile device can cause the same issue. An effective way to remedy this kind of behavior is to utilize a password management system. That way, your employee can reduce the number of passwords they have to remember, without sacrificing security.
  2. Oversharing – While you can’t necessarily control what your employees do in their off-hours, you should reinforce how easily a cybercriminal could piece together their passwords through some examination of their social media, especially if they subscribe to the lazy credential habits we just reviewed. See if they’ll avoid sharing personal anecdotes or information without first restricting the audience that can see that particular post. At the very least, they should have their social media accounts set so that only their approved friends can see their content. Furthermore, do your best to avoid oversharing from the office. Images can easily show confidential information if you aren’t careful, by accidentally capturing an invoice or your customer relationship management solution pulled up on a screen in the picture. Review what you are about to post before taking the image and before you share it online. 
  3. Using the wrong Wi-Fi – While public Wi-Fi connections may be convenient, you should remind your employees that this convenience comes at a price: the security of public Wi-Fi is suspect at best. They should be warned against doing anything especially important over a public Wi-Fi signal, like banking or checking their email.

Data security is a critically important consideration, in part because there are so many ways that it can be undermined. We have some solutions to offer that can help keep your business secure (despite what may sometimes seem to be your employees’ best efforts). Reach out to White Mountain IT Services at (603) 889-0800 today!

Directive

Related Posts

Ticketmaster Suffers Major Data Breach

The world’s largest ticket retailer is in hot water after their parent company, Live Nation Entertainment filed an 8-K filing with the Security and Exchange commission admitting that they had been hacked to the tune of 1.3 terabytes of information. That amounts to 560 million customers’ personal information that has been stolen from the company’s servers. Today, we take a look at the hack and what...

A Man-in-the-Middle Attack is Not to Be Underestimated

Have you ever heard of the “man-in-the-middle” attack or MitM? It’s a situation where your data is stolen by an onlooker who situates themselves in the right place at the right time. Data interception is a very real thing that your business should be prepared to fight against. Let’s discuss some strategies you can use to counter these sneaky attacks. How a Man-in-the-Middle Attack Works For a ...

4 Essential Cybersecurity Mistakes You Can't Afford to Make

When considering your company’s cybersecurity, it is important not to lose sight of the forest for the trees… or, in other words, not to forget the basics around which the rest of your protections are built. Let’s review four cybersecurity errors that could easily domino into larger catastrophes if not nipped in the bud. Not Training Employees Let me ask you this: Before you learned to tie yo...

Tip of the Month: Using Email While Prioritizing Safety and Security

You probably use your email every day without even thinking about it. Email is, however, one of the main places hackers go when they want to steal personal information. Here are three easy steps you can take to keep your email secure. Use Strong, Unique Passwords A strong password is like a firm lock on your front door: it should be tough to crack. Here’s how to make one: Mix it up -Use a c...

Sound Familiar?

Here are some of the most common complaints we hear from businesses that aren’t satisfied with their IT vendor and want to switch to White Mountain.

There is a Better Way!

Give White Mountain IT a Call Today

BOOK A CALL

Nationwide Remote IT Services,

Without a Long Term Contract.

We provide services and support to businesses throughout the US. If we do not have an on-site resource in your area, we can manage a local vendor to provide on-site assistance if and when needed.

All our Managed Services are carried out by our dedicated team of full-time employees. These professionals have successfully cleared multiple security and background checks, ensuring the highest level of service and reliability for your business. 

Need an Onsite Visit?

We've Got You Covered!

Manchester N.H. Office:

121 Riverfront Drive
Manchester NH 03102

Nashua N.H. Office:

33 Main Street
Suite 302
Nashua NH 03064

Client Help Desk        603-889-2210

New Client Inquiries   603-889-0800

OPEN POSITIONS

Client Help Desk

603-889-2210

New Client Inquiries
   603-889-0800

© 2025 All Rights Reserved. Areas We Serve copy_right_image

Protected by Copyscape Plagiarism Checker – Do not copy content from this site.