Lessons Learned from Companies That Have Been Hacked

Over the course of the past few years, company data breaches and cyber security attacks seem almost commonplace.  It seems like the list of companies that have been hacked keeps growing — and many of these companies are household names. But anyone can be the target of destructive technologies. So when we look at what went wrong, there are often lessons that apply to the rest of us. Lesson that can help us protect our own businesses and stay out of harm’s way.  Here are a few of our takeaways:

 

Lesson #1:  Encrypt Your Portable Devices

Coca-Cola learned this lesson the hard way in 2013 when an employee stole 55 laptops from the company’s Atlanta headquarters between 2007 and 2013. As many as 74,000 employees, contractors and suppliers, were left vulnerable to identity thieves, who used their personal information to make purchases, open new accounts — even apply for jobs.

How to Help Lower Your Risk

Encrypt your company’s laptops and other portable devices, so if any of them are lost or stolen, it will be more difficult to access your data. You’ll also want to perform a clean wipe on all computers that are returned when employees leave your company.

 

Lesson #2:  Be Wary of Insider Threats

The Coca-Cola breach is also a prime example of the damage employees (and former employees) can inflict on businesses that aren’t prepared to handle insider threats. In addition to stealing equipment and data, employees can accidentally download potential viruses and malware or put your data at risk by sending unencrypted files.

How to Help Lower Your Risk

While Data Loss Prevention (DLP) solutions can help, it’s also important to train your employees on company policy, look for trends in suspicious user behavior, and be wary of employees who fit these at risk profiles.

 

Lesson #3: Your People Can Be Your Weakest Link or Your First Line of Defense

In March of 2011 a group of hackers posed as people RSA employees trusted to gain access to the company’s network. It is estimated that around 40 million employee records were stolen.

How to Help Lower Your Risk

While it’s good to update your software, put up firewalls and install anti-virus software, an experienced social engineer can bypass all of that with one phone call or email.  That’s why it’s so important to train your people. If they know what to watch out for and how to respond, your IT infrastructure will be that much safer.

 

Lesson #4:  Critical Updates Are Critical

In April of 2014, Premera Blue Cross received a report from federal auditors that they were vulnerable to a cyber attack.  The audit said that the company wasn’t installing critical updates and patches in a timely manner — and software vendors no longer supported some of their applications.  Three weeks later, the company was hacked.

How to Help Lower Your Risk

When you keep your infrastructure up to date, you keep your virtual fortress strong and less vulnerable to cyber security attacks. That’s why it’s so important to install updates and patches right away, and to have your infrastructure monitored for possible weaknesses.

 

Protect What’s Yours

In some cases, companies that have been hacked could have done things differently. Other times, they put preventative measures in place, and an attack still happened. No one is immune, but prevention is key. So if you’re concerned that your IT infrastructure is vulnerable, talk to UDT.  We can take a look at your entire data center and make recommendations based on your needs and your budget. Contact us for a free consultation.