Could One Tiny Leak Wipe Out Your Entire Company?
Posted by Jake Cohen

 

Michael Daugherty’s up-and-coming $4 million medical-testing company was doing very well.

His Atlanta-based LabMD had about 30 employees and tested blood, urine and tissue samples for urologists. Life was good for Michael, a successful businessman from Detroit.  Then, one Tuesday afternoon in May 2008, the phone call came that changed his life. His general manager came in to tell Daugherty about a call he’d just fielded from a man claiming to have nabbed a file full of LabMD patient documents. For a medical business that must comply with strict federal rules on privacy, this was bad.

A hacker easily found and downloaded LabMD’s patient records. The fate of Michael’s  business was drastically changed. What followed was a nightmarish downward spiral for LabMD. Not one to go down without a fight, Michael found himself mired in an escalating number of multiple lawsuits and legal battles with the Federal Trade Commission and other regulators investigating the leak.

Finally, in January 2014, exhausted and out of funds, his business cratering under constant pressure, he gave up the fight and shut down his company.

One tiny leak that could have easily been prevented took his entire company down. Could this happen to you and your business? Let’s take a look at four fatal errors you must avoid, to make sure it never does:

Have you developed a false sense of security? Please, do not think you are immune to a cyber-attack simply because you are not a big company. The fact is, whether you have 12 clients or 12,000 clients, your data has value to hackers. A simple client profile with name, address, and phone number sells for as little as $1 on the black market. Yet add a few details, like credit card and Social Security numbers, and the price can skyrocket to $300 per record is not uncommon. Being small doesn’t mean you are immune.

Are you skimping on security to save money? Sure, of course, you have a tight budget… So you cut a deal with your marketing manager, who wants to work from home at times. He links into the company network with a VPN. If configured properly, your VPN creates a secure and encrypted tunnel into your network. So his device now links his home network into the company network. The problem is, his home cable modem may be vulnerable to attack, an all-too-common issue with consumer devices. Now you have an open tunnel for malware and viruses to attack your network.

Could the lack of an off-boarding process put your company at risk? It’s important to keep a record of user accounts for each employee with security privileges. When employees leave, you must remove those accounts without delay. An internal attack by a disgruntled worker could do serious harm to your business. Be sure to close this loop.

Have you been careless about implementing security policies for desktop computers, mobile devices, and the Internet? The greatest threat to your company’s data originates not in technology, but in human behavior. It starts before you boot up a single device. In an era of BYOD (bring your own device),  careless behavior by anyone connecting to your network weakens security. Your team loves their smartphones, and with good reason. So, it’s tough sticking to strict rules about BYOD.

Don’t let a tiny leak sink your ship! here’s what to do next…

Check Out Our Free Report Revealing The Critical Protections Small Businesses Need Today

It is our company’s mission to prevent cyber crime,
so we have put together a Free Executive Report titled:
“7 Urgent Security Protections Every Business owner should have in place now”

Fill out the form to the right to claim your Free Report! 

Top