Doing business in the modern marketplace requires small business owners to take on more risk than ever before. With more and more personal data and credit information being collected every day, small businesses take on more legal responsibility than they ever have – in the history of doing business.
More companies continually fall prey to cyber attacks, data breaches, and more each week. Criminals have realized that stealing data is a better business model than stealing cash or product. There seems to be no end in sight for business owners and the hackers who attack their data.
Think Like a Criminal to Prevent Attacks
Most data attacks center around information that can easily be converted to cash. Criminals pay top dollar for freshly stolen card numbers and more, but once the information is no longer fresh – it quickly loses value. And while data breaches tend to linger on for over six months, the data doesn't have value for that long.
Hackers work hard to get as much data as possible in a quick manner. Then they try to turn that information for profit rapidly. So these hackers try to attack businesses when they're getting a lot of information at once. Businesses are most vulnerable when there is a huge influx of information at once.
The biggest data breaches for all industries tends to occur at two times a year: holiday season and tax time. These times are when many businesses see the most transactions and when the most personal information is available.
A New Issue
Other industries seemingly being hit hard by hackers are health care and insurance. As electronic health care records become more common, one can expect more attacks. So let's look at when the health care industry is the busiest. Let's apply our thinking like a criminal to these industries.
The health care and insurance industries in particular, see the most personal data during one time of the year: the open enrollment period. During these periods, hackers have huge opportunities to steal information from:
- Call centers
- Online forms
We have seen an increase in attacks during open enrollment periods and expect more in the future. It is important for all business owners to be extra diligent during these periods and focus on protecting information.
What To Do
The easiest way to limit your vulnerability during these times is to stay lean. If you don't absolutely have to have the information, don't store it. Don't store or save information that isn't vital. By doing this, a hacker won't have as many access points into your systems.
You should also focus on minimizing risk when collecting necessary information. For example, if a customer is speaking with a call center representative, you can have the customer enter private information info the keypad of their phone instead of saying it out loud to the representative. This way the information is never on the call center server and is automatically sent to a secure server.
No matter what, you need to stay diligent about storing your customer’s information and pay attention when your busy season occurs. The more information you store and process, the more likely you'll be hacked. So store only the necessary information and quickly get the info to a secured server.
Worried about your exposure to cyber criminals, or just feel like you need better security protocols for your business? Call Skyline Risk Management, Inc. at (718) 267-6600 to voice your concerns.