As the holiday season approaches, cybersecurity becomes even more important than ever. Hackers tend to exploit sensitive personal and business data during this busy time of year, which means you have to be especially careful and vigilant, and should take extra precautions to not become a victim of cyberattacks. Here're some helpful tips to guide you on the path to ensuring the security of your data and prevent any information from being lost or stolen.
Here are four data security tips that everyone should take into consideration for the holiday season
1) Make sure employees know the cybersecurity basics
During the holiday season, you may have employees who are part-time or less experienced with some of the general cybersecurity protocols. Reviewing the cybersecurity basics can also be helpful for longer-term employees who may have forgotten them and can save you a great deal of hassle down the road. The basics of cybersecurity can include things such as password security, multifactor authentication, and privacy settings to ensure that all personal and company information is remaining secure.
Oftentimes, the breaches are caused unintentionally by accidents, as opposed to malicious attempts to gain access. According to CPO Magazine, “Over 70% of executives believe their organization has experienced an accidental internal breach within the past five years.” It’s often the smaller things that are forgotten or left behind, such as passwords. Google shows that 52% of people reuse passwords for multiple sites, which is a serious security risk. Regardless of personal or company passwords, if one is breached, the hacker could have access to several accounts with sensitive information.
2) Prepare for large amounts of ecommerce traffic
With the current global pandemic still in effect, many people will be turning to online shopping to complete all of their holiday gift-giving. According to Digital Commerce 360, “consumers spent $347.26 billion online with U.S. retailers, up 30.1% from $266.84 billion for the same period in 2019.” Many stores, especially ones whose primary source of sales came from physical in-store purchases may not be prepared for the amount of traffic that their online retail site will receive.
An increase in traffic presents more opportunities for lost or stolen data. Data can be lost by accident, through servers and websites getting overwhelmed with traffic, or the increased attention could attract some people who are attempting to purposefully steal information. Many businesses are quickly implementing various important security mechanisms to ensure that their information, and that of their customers, is staying safe and secure. Examples range from two-factor authentication to single sign-on, all of which bolster security and prevent intrusions. With online retail, many consumers will be concerned about their privacy, and may favor businesses with stronger security measures.
3) Keep all your technology up to date
One of the most important tips one can implement in data security is ensuring that all your technology and various programs are up to date and have versions that support each other and are compatible. Applications and programs are updated in order to provide a better experience for the user, and oftentimes, that can be fixing previous security issues or preventing new ones. Although some updates are more scheduled and their arrival is announced, others are more spur of the moment, reacting to make necessary adjustments. These updates are key, as many times they are more frequent during the holidays as companies are adjusting their software to handle new threats.
A study conducted at Carnegie Mellon showed that the main hesitancy for installing updates was the time-cost that the update took, and more often than not, people would opt to not update despite the risks. Encourage your employees that updates are vital to security, and try to perform them during very low traffic hours, or over-night, to reduce the stress or downtime you might experience while still ensuring that data security is paramount. In addition, employees may forget to install updates when they are too busy to respond to the notification reminders, or if they are part-time holiday employees, their shift may have ended. Therefore, follow-up with your employees to ensure that the updates have been indeed installed.
4) Beware of phishing attempts
Phishing attempts have always been a major security threat, but due to COVID-19, they have begun to rise even more. From SC Media, “weekly COVID-19-related phishing attacks growing from under 5,000 in February to more than 200,000 in late April;” almost a 4000% increase. Complications from the pandemic are only going to continue into 2021, therefore, it is important to remain vigilant of such COVID-19-related attacks and continue to stay up to date and educated on the latest scams. Combining the increased threats due to COVID-19 with the typical increase around the holiday seasons means people have to be more aware of security than normal.
Related Read: How Coronavirus is Infecting the State of Data Security
Begin to educate yourself and your staff on how to identify and deal with these phishing emails or attempts should you see them. The Federal Trade Commission (FTC) has a list of ways to protect yourself, especially when it comes to healthcare-related scams. At first, many of these attempts can seem legitimate, but there are a few “red flags” to watch out for. Oftentimes, the scam will invoke a sense of urgency, or be filled with many misspellings and grammatical errors. Being aware of the issue and creating a plan for the possibility it could occur can help keep you safe, and prevent anyone from being caught off guard, and ensure you are operating at full strength during the often busy and complex holiday period.
The security of your data should always be of the utmost importance, but there are several periods of time during the year where cybercrime sees an uptick. Understanding how your organization can be affected by a cybersecurity attack, and how you should prevent them, are key to data security and continued success. Take the time to educate people on the real threat these attacks can pose, and ensure that you are prepared for any situation, however “rare” you may perceive them to be.