3 Steps To Fight Against Your Identity Theft

5/17/2017

Small Business Computer Security Basics

Don Draper, The Man In The Iron Mask – And 400,000 Consumers
It’s the thread that connects Alexandre Dumas’ The Man in the Iron Mask, the title character in The Talented Mr. Ripley, Don Draper’s back story in Mad Men – and an event scheduled for May 24, 2017, at the FTC.

It’s identity theft.

Ten years ago, the White House issued an Executive Order establishing the Identity Theft Task Force, co-chaired by the FTC. As ID thieves’ tactics morph and modify, public and private partners develop new strategies to prevent the crime and offer assistance to victims. Just one example is IdentityTheft.gov, a site the FTC introduced last year to help people create a recovery plan, complete with personalized paperwork to speed up the process of winning back their good name.

Now is the time to take a comprehensive look at how identity theft has evolved over the last decade and consider where we go from here. That’s the topic of a May 24th workshop, Identity Theft: Planning for the Future.

The FTC has released the agenda for the day. Panelists will talk about the shadowy dark web where stolen data is fenced, the effect that ID theft has on industries like financial services and healthcare, the impact the crime has on people’s lives, and resources available for victims.

Free and open to the public, the conference will take place at the FTC’s Constitution Center building, 400 7th Street, S.W., in Washington, DC. Registration begins at 7:45 AM and Acting Chairman Ohlhausen will open the event at 9:15. Can’t make it to DC? We’ll post a webcast link moments before the event starts.

Why should businesses be concerned about the nearly 400,000 reports of identity theft the FTC received last year? Because the fight against ID theft is an all-hands-on-deck endeavor and businesses have three key roles to play:

Prevent. Whether it’s a lost laptop, a porous computer network, or a rogue employee, business breaches can inadvertently fuel the illegal market in stolen data. One way to help shut down the supply is to put sensible protections in place to keep confidential information out of criminals’ hands. Two FTC publications – Protecting Personal Information: A Guide for Business and Start with Security – offer guidance. (Note to companies with just a few employees: The FTC has a new brochure, Small Business Computer Security Basics, written with you in mind.)

Protect. Sometimes customers approach businesses with information that suggests the person has been a victim of identity theft. A “How sad, too bad” response won’t help their recovery. A referral to IdentityTheft.gov will. Also, if you provide information to consumer reporting agencies – credit bureaus, check verification services, and the like – reports from customers about identity theft may trigger responsibilities under the Fair Credit Reporting Act. Why? Because your business records may contain inaccurate information about the consumer because of the identity theft. By the way, we've replaced the ID Theft Affidavit with a revised FTC Identity Theft Report. It’s an official document for FCRA purposes and no police report is required.

Publicize. Business groups can talk up data security and ID theft prevention to their members. There’s no need to start from scratch. The FTC has publications you can adapt for newsletters, websites, and handouts. A downloadable one-minute video from the Start with Security series would make a great addition to your next presentation. Speaking to a community group? This video explains how a few essential steps at the first inkling of ID theft can help pave the way to recovery.

3 Steps To Fight Against Your Identity Thefthttps://t.co/4fthBsH6LI @cnn @cnni @CNNMoney @bizrpt @Daniel586Nguyen @PBS @ABC @CNBC @WSJ @Inc pic.twitter.com/JFcjr5lJ7K
— Daniel Nguyen (@Daniel586Nguyen) June 1, 2017

Small Business Computer Security Basics

If you’re running a small business with only a few employees, you’ve learned about a lot of things – accounting, marketing, HR, you name it. And you probably depend on technology, even if it’s only a computer and a phone. You can’t afford to get thrown off-track by a hacker or scammer.

Here are a few computer security basics to help your company, even if you’re the only employee. If you have employees, train them to follow these tips. If you collect any consumer information, also check out our advice about protecting personal information.

PROTECT YOUR FILES & DEVICES

Keep your software up-to-date. No matter what operating system, browser or other software you use, keep it up to date. Set it to update automatically so you don’t leave holes hackers can exploit.

Back up your files. No system is completely secure. Create offline backups of important files. That way, if your computer is compromised, you’ll still have access to your files.

Use strong passwords. The longer the better – at least 12 characters. Complexity also helps strengthen a password. Mix numbers, symbols, and capital letters into the middle of the password, not at the beginning or end. Don’t use patterns to lengthen a password. Never use the same password for more than one account, or for personal and business accounts. If you write them down, lock them up. Consider using a password manager, an easy-to-access application that allows you to store all your valuable password information in one place. Be sure to protect your password manager with a strong master password, and only use a password manager from a reputable company. Don’t share passwords on the phone, in texts or by email.

Turn on two-factor authentication. For accounts that support it, two-factor authentication requires both your password and an additional piece of information to log in to your account. The second piece could be a code sent to your phone, or a random number generated by an app or a token. This protects your account even if your password is compromised.

Don’t leave your laptop, phone or other devices unattended in public, even locked in a car. They may contain sensitive information – and they’re costly to replace. If they go missing, the information stored on them may fall into the hands of an identity thief. You also can turn on device encryption to encrypt all data on each device. This reduces the risk to sensitive information in case your device is stolen or misplaced.

Password protect all your devices. If you access your business network from an app on your phone or tablet, use a strong password for the app, too.

THINK BEFORE YOU SHARE YOUR INFORMATION

Protect account information. Every time someone asks for business information – whether in an email, text, phone call or web form – think about whether you can really trust the request. Scammers will say or do anything – or pretend to be anyone – to get account numbers, credit card numbers, Social Security numbers or other credentials. Scammers will rush, pressure or threaten you to get you to give up company information.

Only give sensitive information over encrypted websites. If your company is banking or buying online, stick to sites that use encryption to protect your information as it travels from your computer to their server. Look for https at the beginning of the web address in the address bar of your browser. Look for https on every page of the site you’re on, not just where you log in.

PROTECT YOUR WIRELESS NETWORK

Set up your router securely. If your small business has a wireless network, your "access point" is probably a cable or DSL modem connected to a wireless router, which sends a signal through the air. Your router directs traffic between your local network and the internet. Any device within range can pull the signal from the air and access the internet. If you don't secure your router, strangers could easily gain access to sensitive personal or financial information on your devices.

Change the name of your router from the default. The name of your router (often called the service set identifier or SSID) is likely to be a standard, default ID assigned by the manufacturer. Change the name to something unique that only you know. Visit the company’s website to learn how to change the router name.
Change your router's pre-set password(s). Hackers know the default passwords, so change yours to something only you know. The same goes for any default “user” passwords. Use long and complex passwords. Visit the company’s website to learn how to change the password.
Keep your router’s software up to date. Before you set up a new router, and periodically thereafter, visit the manufacturer’s website to see if there’s a new version of the software available for download. To make sure you hear about the latest version, register your router with the manufacturer and sign up to get updates.
Turn off any “remote management” features. Some routers offer an option to allow remote access to your router’s controls, such as enabling the manufacturer to provide technical support. Never leave this feature enabled. Hackers can use them to get into your network.
Log out as administrator. Once you’ve set up your router, log out as administrator, to lessen the risk that someone can piggyback on your session to gain control of your device.

Use encryption on your wireless network. Encrypt the information you send over your wireless network, so that nearby attackers can’t understand your communications. Encryption scrambles the information you send into a code so that it’s not accessible to others. Modern routers offer WPA2, the strongest wireless encryption widely available. To protect your data, use it.

Wireless routers often come with the encryption feature turned off. You must turn it on. The directions that come with your router should explain how. If they don't, check the company’s website.

Limit access to your network. Allow only specific devices to access your wireless network. Wireless routers usually have a mechanism to allow only devices with particular unique Media Access Control (MAC) address to access to the network. If you want to provide free Wi-Fi for your customers, set up a second, public network – separate from the network for your business devices.

BE CAREFUL WITH WI-FI HOTSPOTS

If you’re on the go, Wi-Fi hotspots in coffee shops, libraries, airports, hotels, and other public places are convenient – but often they’re not secure. In fact, if a network doesn’t require a WPA2 password, it’s probably not secure. To protect your information when using wireless hotspots, send information only to websites that are fully encrypted – look for https on every page. And avoid using mobile apps that require sharing personal or financial information over public Wi-Fi.

KNOW WHAT TO DO IF SOMETHING GOES WRONG

Plan ahead so you know what to do if a hacker gets into your system. There are steps you can take to minimize the damage if you discover malware on your computers, that your email has been hacked, or even if someone takes over your system and demands a ransom to return control of it.
And if someone accesses personal or financial information that they shouldn’t, take steps to respond to that data breach.

Source: Federal Trade Commission

Medical Community Project in Ghana

Sculpture Sales Agents Hiring

Gold Buy/Sell Contract Operation

Join “A Sporting Chance for Peace”

0 Comments

Our Blog