
Encrypt your devices
- More than 73% of the breaches serviced in 2013 involving portable devices could’ve been prevented if the devices were encrypted.
- Encryption is a safe harbor under virtually every breach notification law.
Automate patch management
- From 2013 to August 2014, there was a 20% increase in breaches due to malware or hacking.
- Staying on top of the latest available software patches and moving to automated patch management can protect against a breach.
Enforce password complexity
- In 2014, the breaches due to hacking or malware cost 4.5 times more than any other type of breach.
- Computer systems can now systematically cycle through all permutations of potential passwords.
- Don’t use “bad” passwords that are easy to crack; dictionary words can be deduced with an algorithm.
Be alert to phishing
- From 2013 to 2014, there was a 10% increase in breaches due to someone inside the company, either an employee or contractor.
- Most breaches occur because of human error. Training is a critical step in breach preparedness. It is important to train employees to spot the indicators of a phishing email.
Double check before hitting send
- Thirty percent of the breaches in 2014 were due to unintended disclosure.
- It may be simple, but double-checking the contents of a file, email address or mailing details can really pay off, especially when sending data to outside vendors.