It’s a sad fact of business life today. The same internet which allows a small business to reach markets all over the world, that puts customer contacts at your fingertips and lets people find you fast is also the new Wild West of crime. We have had to learn a new vocabulary, with words like “phishing”, “hacker” and “malware” striking fear into every business owner’s heart. It can be a helpless feeling watching profits (and perhaps an entire business) disappear into cyberspace because an evil person has stolen data, money or both, leaving behind almost no trail.
I recently attended a great presentation at the Inland Empire Family Business Center where Warren Kato, a Los Angeles County Deputy District Attorney in the Cyber Crime Division and Stan Stahl, Ph.D. of Citadel Information Group helped a group of business owners to both see the risks and gave solid advice as to how to minimize the chances of being a victim. There was far more information than I can pass on in a short article, but fortunately, Dr. Stahl has also founded a non-profit called SecureTheVillage which is dedicated to giving great advice on the topic. You can read more and get great resources from his website: www.securethevillage.org.
Key takeaways for me:
- Be Vigilant – Always be alert for possible attacks through suspicious e-mails, attachments and websites. Learn what to look for before you open something, and when in doubt, don’t open it!
- Know with Whom You’re Communicating – Even if you think you know who is sending you a message, if there is any doubt, use a second method to verify it is them – this can be as easy as picking up the phone and calling them and asking basic questions like “Are you really in jail in Tanzania?”
- Make Yourself Hard to Impersonate – As much as you may hate them, long passwords are really hard to break, and different passwords should be used for key sites (i.e., have a unique password for your bank and another for access to your business computer, etc.).
- Defend Aggressively – Work with your IT support to make sure you have up-to-date anti-malware, are using encryption when possible and are applying each and every software patch so you don’t have many security vulnerabilities.
- Be Prepared – Always do off-line backups, and periodically test them to make sure they work. Have a plan in place for what you would do if a cyber-criminal gets into your system and freezes them until you pay a ransom. Check into obtaining cyber-insurance, which is still relatively cheap and can provide critical resources.
If, despite all of this, you become a victim, take the time to file a report with the Federal Bureau of Investigation Internet Crime Complaint Center at www.ic3.gov. The site also has useful internet crime prevention tips, describes the schemes being used, and has brochures you can download and make available to your staff.
We won’t stop using computers, and the criminals will keep getting more sophisticated. Fabled bank robber Willie Sutton was purportedly once asked why he robbed banks. His simple reply was “Because that’s where the money is”. The same holds true with internet criminals. But if you protect yourself, you are far less likely to become a victim – and you many save your business in the process.
Brian Reider is a partner in the Business Services practice group at Best Best & Krieger LLP. Based in Ontario, California he provides business solutions for legal problems to private business clients, including manufacturing, distribution and technology companies.