Data Breaches & Identity Theft: How to Protect Your Company

Bob Gregg, former CEO of ID Experts
Business Growth MAP Alliance, Oct. 18, 2017

Data breaches can be devastating to any business, yet most small businesses are highly vulnerable to cyber-attacks—often because of a lack of knowledge and preparation by the business owner. As cyber-attacks and data breaches grow more frequent, the failure to have a plan of counterattack for your company is not an option. Protecting yourself and your company begins with a thorough understanding of internal and external vulnerabilities.

Bob Gregg, former CEO of ID Experts, informed listeners at the October MAP Alliance about the different forms of data breaches and identity theft and how to protect themselves and their businesses. “We’re living in a world where you have to assume everyone is out to get your personal information,” said Gregg. “When it comes to data breaches, it’s not if, but when.”

Hundreds of thousands of attempts to data breach occur every single day, and the risk of identity theft continues to increase. Gregg said it now reaches far beyond a financial gain for criminals. “The fastest growing identity theft is medical ID,” said Gregg. “Once the criminal has your medical ID, they can charge medical bills to your name and, thanks to HIPAA’s confidentiality policy, there’s nothing you can do about it.”

Gregg also explained the difference between phishing and spear-phishing. Where phishing is a broad attempt to trick victims into sharing sensitive information, spear-phishing is a targeted attack on someone on whom the phisher already has a significant amount of information. These attacks typically come through email asking you to click a link. “Whatever you do, never click that link!” Gregg warned. “No matter how official it looks. To be safe, call the company who sent you the email, or go directly to their website to dispute the claim.”

Gregg offered up a practical guide for data breach prevention:

  • Use anti-virus software – Designed to prevent, detect, and remove viruses from computers, anti-virus software is the first line of defense against a cyber-attack. Gregg recommended looking into Bitdefender, SecureAnywhere or Sophos Enterprise Security. For Mac computers, try Avast.
  • Install anti-virus software on your smart phone – With many transactions now being conducted on mobile devices, it’s equally important to safeguard your smart phone. For a list of recommendations, try
  • Use anti-malware – Viruses aren’t the only threat to your online material. Anti-malware will help safeguard against worms, Trojans, spyware and more.
  • Secure your wireless router – Few business owners realize that their router is its own computer system with an operating system, software and vulnerabilities. This makes routers a prime target for spy agencies and criminals. Upgrade to a commercial router intended for small businesses, then research the step-by-step process to make it secure.
  • Use a VPN – A virtual private network connection not only encrypts your personal data while online from your home or office, but it also protects your information while on public Wi-Fi networks. This is a must have to protect yourself from hackers.
  • Use a password manager – It can be difficult to remember multiple passwords for various accounts, but you should never rely on your internet browser to save them for you. That leaves you open for an attack. Instead, use a password manager like Keeper, Dashlane or StickyPassword.
  • Keep all software updated – It’s not enough to have the software if you allow it to become outdated. Security software systems are ever evolving to better protect your data. Keeping the most current updates will ensure you have a secure version for your valuable information.
  • Buy yourself an external hard drive – Back it up! Download everything from your computer to an external hard drive. Once you’re done, make sure you unplug it and store it in a safe place. This will ensure that your documents and pictures are safe in the event of an attack.

Gregg also warned of announcing your whereabouts on social media. “Don’t tell the whole world when you are going on vacation and how long you will be gone.” This is a beacon for criminals. Also, don’t post pictures online with a time and location stamp. According to Gregg, this informs the bad guys where you are and where you aren’t.

While it may seem overwhelming, taking the time to educate yourself on the ways to protect your identity and data will save you a lot of stress in the long run.

For small businesses looking to learn more and stay up-to-date on cybersecurity management, Gregg offered Security Mentor, an innovative, online security awareness training designed for small business.

Go back to Business Growth MAP Alliance