[BreachExchange] SMB Security: 3 Steps To Protect Online Businesses Against Cybercrime

Inga Goddijn inga at riskbasedsecurity.com
Wed Nov 30 18:05:05 EST 2016 

https://blog.pcisecuritystandards.org/3-steps-to-protect-online-businesses-against-cybercrime

With the holidays around the corner and with 57% of consumers shopping
online (National Retail Federation), it is imperative you protect your
customers while they shop on your site. And studies show that *online
attacks are increasing*-
<https://www.symantec.com/security-center/threat-report> the number of web
attacks doubled in 2015. Preventing a breach of your systems can also help
you avoid loss of revenue, damage to customer loyalty, and possible fines –
all of which can be devastating to a business.

You can make it more difficult for criminals to steal your customers’ data
by making sure all the doors are locked and holes repaired in your online
environment.

*Here are 3 things you can do NOW to protect your online business against
data theft:*

*1. Change your passwords and make them strong!*

   - 63% of confirmed breaches involved weak, default or stolen passwords.
   - The best way to make it hard for criminals is to use a passphrase
   instead of a password. A passphrase is a phrase or sentence you use instead
   of a single word. For example, the phrase “I love big donuts” could be
   changed to 1l0v3B!GD at nut$.
   - Make sure employees know this too.

*2. Install the updates known as “patches” that your payment service
provider sends you for your payment systems.*

   - Software vulnerabilities are the main reason for breaches occurring.
   - The patches help fix problems found in the system and close a door
   criminals could use to access your system and steal customer’s data. Keep
   them out, install the patches.

* 3. Think before you click!*

   - In a phishing attack, criminals send you an email to try to trick you
   to click a link or open an attachment. Always verify and confirm with the
   sender to make sure the email is really from them if it looks suspicious.
   - Be extra cautious of email attachments from unknown sources. Also,
   many viruses can fake the return address, so even if it looks like it’s
   from someone you know, be wary about opening any attachments.
   - Train employees and users on email and browser security best practices.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161130/3edb6c4c/attachment.html>

More information about the BreachExchange mailing list