Security doesn’t have to be expensive to be effective.
 |
| By Giles Witherspoon-Boyd |
But if 10% is all you have to spend, let’s make it work to your advantage.
Understanding hackers
Malicious hackers exist for one purpose. Stealing valuable data to make a profit on the black market. While there is no such thing as hack-proof, understand that data thieves and cybercriminals are notoriously lazy. They look for easy paths to compromise, and are often dissuaded by simple security roadblocks.Let’s set up some roadblocks.
Watch this Slideshare to learn some budget-friendly tips, products, and tools that can dramatically limit your organization’s exposure to hackers.
So, to recap, here are my 10 tips for effective, reasonable security
- Conduct regular vulnerability scans to locate external network vulnerabilities before criminals do.
- Update anti-virus software, regularly. This software helps find the latest malware/virus versions that may compromise your system.
- Update software and hardware, regularly. Even updating your browser can have an effect on your overall business security.
- Change passwords. If you have a hard time remembering your password, think of a memorable phrase, then take the first letter from each word to create your password. Here’s an example. “My dog Kibbles has 16 teeth & loves steak” becomes “MdKh16t&ls.”
- Install a strong firewall, and make sure the firewall rules limit incoming and outgoing traffic.
- Scan mobile devices for threats. Check out MobileScan to verify mobile device security in seconds.
- Encrypt portable data. That’s right, I’m talking about all USB drives, hard drives, and CDs.
- Start training employees. After all, your business is only as secure as its weakest link.
- Discover your unencrypted card data. Get a free trial of PANscan and find that dangerous stored card data before criminals do.
- Get breach protection and avoid unforeseen expenses in case your business is compromised.
Giles Witherspoon-Boyd (PCIP) is Enterprise Account Manager at SecurityMetrics and assists businesses in defining their PCI DSS scope.