Since we last posted, J.P. Morgan and other banks have joined the “honor roll” of institutions which have been hacked, and had information stolen. According to a recent overview of headline-making hacks in the Washington Post, “J.P. Morgan Chase& Co., America’s largest bank, reassured its customers by saying that there was no evidence that account information, such as passwords and Social Security numbers was compromised.” OK, good. What was compromised? “Names, addresses, phone numbers and e-mail addresses of account holders were accessed.”
The bank goes on to say that for customers not be liable for fraudulent charges derived from that information, “they must ‘promptly alert’ the firm about any unauthorized transactions.” You’d think, the article continues, that with “all of these high-profile data breaches… even though people can’t do anything about how Target and JP Morgan protect their data, everyone would at least be paying attention to how they protect their own computers from being hacked. They’d know to follow the basic practices of installing antivirus software, creating strong passwords, and being careful about what they share online, especially since the experts say that protecting the internet from hackers is a collective responsibility.
“But, you would be wrong, as Jen Havermann, a cybersecurity engineering manager at Raytheon, explained… ‘Many in the millennial generation appear to have a ‘so what’ attitude when it comes to Internet security… They, of course, don’t want their bank accounts drained, so they’re careful with passwords on those accounts, but they may not be quite as diligent in terms of keeping their system secure as a way of protecting the entire Internet from malicious hackers.’
“’They’ve grown up in a connected world where everything is connected, meaning that everything is vulnerable.’”
Yes it is. Which brings us to the second part of our series on tips from MasterCard making sure your computers and devices — the ones that keep your business going — are in fact protected in ways that have so far eluded larger institutions, and many millennial citizens.
Last week, we gave you MasterCard’s tips on securing basic ID information. This week’s set of tips have do with employee education in the workplace:
*Unplug During “Off-Hours:” If you have a store or physical space that has “off-hours” with no employees around, turn off or unplug the terminals to limit off-hour “access” for hackers seeking an opportune time to virtually break-in.
*Limit Non-Business Use of Workstations: It’s not that your employees don’t have their digital lives like everyone else, but if they’re using work machines for web browsing or checking email, that increases the risk of “worms” or malware intruding.
*Know the Email Basics: Go over the email basics, including only opening emails from known/trusted sources, and watching for misspellings or other “off” clues (like a reply going to a different domain) that could indicate a “phishing” attempt.
*Watch Out For “Click-Thrus” and Downloads: Always doublecheck URLs before clicking on hyperlinks in email communications. A better method is to type the URL into the web browser instead.. And of course, never download suspicious attachments. When in doubt about an attachment — ask and verify!
*Share These Tips With Staff! Educate!: Instead of spreading viruses around the workplace, “spread the word” instead. Share these and other anti-phishing strategies with employees, to make sure everyone’s on the same (non-infected!) page!
Next week, we conclude our “MasterCard” series with protection tips against malware. But you can get in touch with your AVPS Rep right now to doublecheck if you’re both secure – -and up-to-date — with terminals, equipment, payment methods, etc.
And to paraphrase Mr. Spock — “Stay safe, and prosper!”