According to one recent study, a massive 60% of all small businesses permanently close their doors within just six months of a cyber attack taking place. When you also consider the fact that the vast majority of these types of attacks actually target small businesses in the first place, it’s easy to understand why this is such a big – and important – deal.
But the truth is, it isn’t necessarily the attack itself that causes these organizations to prematurely close. Yes, the dollar value attached with the downtime you’ll experience can be staggering. Just getting back up and running again at all can take weeks, if you’re lucky. But the major reason why so many businesses are forced to shut down after some type of cyber incident can ultimately be summed up by the damage done to one particular area:
It doesn’t matter what type of business you’re running or even the industry that you’re operating in, your organization depends on establishing a certain amount of trust with your target audience. That trust is earned, but it is also inherently fragile. One wrong move and it could be gone forever.
That is essentially why ideas like data security and protection are of paramount importance. If someone is willing to trust you with their personal, identifying and potentially compromising data, there’s no such thing as a “small mistake” at that point. Once that trust is gone, you’re never getting it back – and your entire business is going to suffer because of it.
At Goodbay Technologies, we completely understand that these are all ideas that you are (rightfully) concerned with as a business owner. Luckily, they also happen to fall squarely within our areas of expertise. There are a number of critical things for you to know about data security and protection… and Goodbay can help you address every single one of them.
The Art of Physical Security: Breaking Things Down
In addition to the proactive network monitoring, antivirus solutions and other software-based security mechanisms you employ, physical security is of paramount importance with regards to keeping your people (and your data) safe and sound at all times.
Remember that not all security issues are the direct result of a cyber attack. Many issues stem from employee movement and access control, or in most cases a total lack thereof.
At Goodbay, we address this by way of sophisticated RFID Employment Badges and limited access control to appropriate workspaces. In other words, if someone doesn’t need access to a particular place to do their job, they don’t actually have it.
Proper identification like this helps to not only secure restricted areas, but also goes a long way towards differentiating between employees and visitors as well.
Going paperless is another way that we address physical security, as it prevents the physical storage and long-term documentation of sensitive information. Passwords would also fall under this umbrella, and training employees on creating strong passwords is something that we feel is always a top priority.
One of the biggest ways that we help tackle physical security, however, comes by way of unique IDs for all employees. This checks a number of important boxes, all at the same time:
- Each employee has their own unique log-in credentials, regardless of who they are.
- The system automatically logs you out at least 30 minutes after activity or if six log-in attempts fail, all to maximize security.
- Users must always re-authenticate if software sessions have been idle for more than 15 minutes, no exceptions.
This also extends to the mechanisms we have in place to carefully monitor the comings and goings of security staff members, too:
- Key access points are always managed by different security personnel. In that way, our approach is not to dissimilar to the one you might find at any major airport in the country.
- Random physical checks are performed on a regular basis to guarantee that absolutely NO outside materials are carried into the production space.
- Dedicated security staff members are also available for a “if you see something, say something” culture among all staff. This too adds an additional level of accountability to the environment that wouldn’t necessarily be present in other circumstances.
The Critical Nature of Security Training
A lot of people assume that cyber incidents and data breaches happen because some hacker halfway around the world suddenly turned their attention in your direction. While this is absolutely possible, in most cases these issues crop up from the exact same source:
Sadly, the absolute easiest way for a breach to occur with regards to security comes down to an employee. It doesn’t even have to be a rogue employee who wants to do you harm, either. Someone may make a mistake that quickly spirals out of control.
In a call center environment, there can also be high employee turnover – which only serves to increase this level of risk.
It is always hugely important to make sure that all agents understand and operate by the same security guidelines, particularly when it comes to accessing and sharing customer documents. The responsibility of data security is ultimately the responsibility of EVERYONE within the contact center. Nothing short of an “all hands on deck” approach will do.
For the absolute best results, ongoing training should always be carried out across the entire company in order to help underline the general importance of it in the minds of your people. This could include everything from training at new hire orientation or even providing monthly resources by email.
Background checks are also seen by many organizations as their first line of defense in terms of data security and protection. Employee background checks are the perfect way to make sure that people coming into your enterprise through third party organizations are actually trustworthy enough to be there in the first place.
A Modern Approach to Data Protection
When it comes to the actual information that your customers are trusting you with, however, there are also a number of additional opportunities you’ll want to employ. To truly secure a customer’s document, multiple security layers are not a recommendation, but a requirement.
This absolutely includes encrypting and protecting documents, even if they are currently located on a secure network. This guarantees that information sent via email between a call center agent and a customer, for example, cannot be compromised if intercepted.
You should also work hard to employ a system that sends out alerts whenever there is unusual activity, allowing you to stop a small problem today before it quickly balloons out of control.
Overall, you should not actually store sensitive information at all if you can help it – which is a practice that Goodbay Technologies lives by. Delete all cardholder data after processing in a way that makes that data totally unrecoverable. Never store information from the magnetic strip or personal identification number (PIN) during payment. All of this will go a long way towards making sure you stay protected moving forward.
The Genesis of Network Security
Finally, with regards to network security, you should always install antivirus programs that are capable of not only detecting, but also removing and protecting against ALL known types of malicious software. At Goodbay, for example, we not only have software that can pick out viruses but also Trojans, worms, spyware, adware and even rootkits. Likewise, all of our antivirus mechanisms generate audit logs, and all the logs are retained in accordance with PCI DSS Requirement 10.7.
Likewise, networks operating within your call center should be proactively monitored on a constant basis and tested just as regularly. This will help confirm to everyone – from leadership on down – that security measures for your networks are in place and functioning properly. You’ll be able to rest easy knowing that security processes are being followed and that everything is up-to-date, all allowing you to rest easy and return your focus on the most important thing of all: your customers. Goodbay Technologies makes it a priority to do all of these things, as well, generating the type of peace-of-mind that many of our clients just wouldn’t be able to create through other means.
Goodbay Technologies: Your Data Security and Protection Partner
At Goodbay Technologies, we always make it a priority to learn as much about our clients as possible. This doesn’t just allow us to offer you a superior level of service, but in terms of data security and protection in general, it also allows us to come up with a unique “plan of attack” that helps mitigate risks from all the types of issues that YOU are likely to experience. There’s no “one size fits all” approach to data security and protection and now, thanks to a partner like Goodbay, there doesn’t actually have to be.
If you’d like to find out more information about the essential elements of the modern approach to data security and protection, or if you’d just like to discuss your needs with someone in a bit more detail, please don’t delay – contact Goodbay Technologies today.