Secure Connectivity Foils Holiday HackingITFirst South Africa
There is always a little added excitement in the air when the calendar rolls over into December, don’t you think? But whether we’re revving up to celebrate the holidays or preparing for some carefully planned downtime, we need to make sure that this festive buzz doesn’t turn into a depressing downer.
We may be on holiday, but those troublesome cyber criminals are as busy as ever and are ready and willing to take advantage of the smallest chink in our armour. Is secure connectivity still on your list of things-to-do? Or are you 100% happy that you’ve battened down the hatches on all devices and connections?
What should we be looking out for?
‘Tis the season to be careful
Accounting and Auditing firm, Warren Averett says, “During the holiday season, cybercrime becomes particularly prevalent because, with the increase in transactions, there are more opportunities for cybercriminals to exploit more individuals.”
They go on to list several sobering statistics relating to holiday cybercrime, some of which are:
- 43% of holiday shopping identity theft occurs online. (Experian)
- 8% of shoppers in 2018 said they had been a victim of identity theft during a previous holiday shopping season. Of those victims, 27% said the identity theft occurred while they were shopping online during the holiday season. Another 16% said it specifically occurred while shopping online on Cyber Monday. (Experian)
- In general, 43% of all consumers who had their identity stolen say it happened while shopping online during the holidays in 2018. (Experian)
Identity theft, data breaches, phishing, scams – it’s like a really bad theme park ride which you can never get off.
Before you throw your hands up and give up completely on a restful holiday, why not scan through this short checklist which may assist you in identifying areas of weakness in your business connectivity.
Secure connectivity checklist
How do you rate on the below security aspects?
Most, if not all our team have probably been working from home this past year, and there’s a good chance it will continue during the holiday period.
Laptops and IoT devices
Therefore, a laptop with a VPN connection into the bowels of your business, or even with access to company Google documents can easily form part of the bridge that cybercriminals are looking for. Remote access via an unsecured device, a stolen laptop or tablet, or a few clumsy clicks from a child trying to get online and you have a data breach.
Ensure that, as a minimum, any device which has a connection to your business:
- Uses a secure password which changes frequently
- Does not make use of public Wi-Fi connections
- Does not make use of random USB sticks
- Has suitable firewall and malware protection in place
Multichannel Merchant makes a valid point, saying, “The weakest point of any corporate data security plan is the employee. Lost laptops, installation of shadow IT applications, sharing of PINs and passwords, or the failure to recognize malware scams can all create a data breach opening in your organization. The key to a successful data security plan is to engage and train employees on a regular basis.”
Bolt down your network
A secure company network will be segmented. It’s like locking all your internal doors when you go away on holiday, which may not protect everything in the event of a break-in but will certainly slow the criminals down and keep some things out of their prying hands.
We don’t want to hand them everything on a platter, do we?
Secure online shopping
With so much fraud occurring whilst shoppers are busy online, we need to ensure that our website and all eCommerce channels are wrapped up tight. Smart customers will have looked up ways to stay safe online and they will be armed with this information:
- Check that the website you’re shopping on operating in HTTPS mode
- Look for customer feedback on social channels and see what’s being said
- Never give out your ID number or other personal information online when shopping
- Don’t shop in public or on public Wi-Fi channels
- Double-check the company’s privacy, refund, and return policy, and check that there are contactable numbers and email addresses to handle any queries
- Enable 2-factor authentication on all card transactions
- Ensure that the company is PCI compliant
Can you check off these essential requirements for your customers to assure them a safe shopping experience?
Expanding your payment options to include mobile payment apps such as Apple Pay, Google Pay and CashApp offers cautious shoppers the option to shop without having to offer up card details. These mobile payment options use tokenization as opposed to card numbers which further closes the window of opportunity for cybercriminals.
It can certainly seem like we’re constantly putting out fires when it comes to keeping our data and that of our customers’ safe, but it’s a necessary evil.
If this has given you a headache and threatened to ruin your much-anticipated holiday, then we’d like to, firstly, apologise. And secondly, we’d like to offer a solution.
Have you considered managed services for your business?
Managed services can include as much or as little as you need, and basically makes secure connectivity and everything associated with upkeep, maintenance, and compliance someone else’s problem.
Would you like to know more?
Call us on +27 878 200 220