SDN Blog

Famous expert and SDN offer similar advice to fight breaches

Posted on Monday, September 28, 2015 in Broadband Internet

Blog written by

SD Atty. General Marty Jackley with Frank Abagnale, Courtesy AARP SD

His youthful exploits as a con man and check forger made Frank W. Abagnale, Jr. famous. His life was dramatized in the 2002 hit movie “Catch Me If You Can,” which was inspired by a popular book he co-authored.

The movie took artistic license with the reformed thief’s eventful past. But Abagnale said during a recent speaking engagement in Sioux Falls that, overall, he and his family were pleased with the film.

Abagnale ran away from his divorcing parents at age 16 and went on a five-year crime spree. He cashed millions of dollars in bad checks while impersonating people such as an airline pilot and doctor. He was captured in France and served prison time in Sweden and the United States before making a remarkable turnaround: He has become a repentant and highly regarded expert on document security as well as on check fraud and embezzlement.

For nearly 40 years, he has assisted the FBI as a security expert. He also consults with companies and organizations such as AARP. As a member of AARP South Dakota, I got to attend a recent dinner at the Holiday Inn City Centre that featured a presentation by Abagnale.

'Businesses have a responsibility to establish and enforce internal security controls. Employee error can create major vulnerabilities.' - Mark Shlanta

He reviewed his life story and offered several tips to the 600 people in the audience. Among them:

  • Shred documents with a micro-cut shredder, not one that cuts paper in strips or crisscross shapes, which also are easy to reassemble.
  • Clean the data from the hard drives of old printers before getting rid of them.
  • To protect your financial assets, use a credit card, not a debit card. Debit cards provide thieves direct access to bank accounts and don’t offer cardholders much protection.

Practicing self-security also is important in fighting cyberattacks on businesses. Attacks on data can come from anywhere in the world, which makes it unlikely that the people responsible will be apprehended and prosecuted. So, prevention is the best option.

When Abagnale talked about data breaches, I was struck by how similar some of his insights were to those of a local expert in cybersecurity: Mark Shlanta, CEO of SDN Communications. SDN is a premier regional provider of broadband connectivity and related services, including data security, for businesses and institutions.

Shlanta’s background isn’t as colorful as Abagnale’s, but the two men offer similar advice to businesses: train employees well.

When Shlanta testified in September at a U.S. Senate committee field hearing in in Madison, S.D., he pointed out that according to a 2014 IBM Security Services index, 95 percent of all security incidents involve human error.

Products and services offered by companies such as SDN can reduce a company’s risks, Shlanta said. But, he added: Businesses have a responsibility to establish and enforce internal security controls. Employee error can create major vulnerabilities.

To reduce risks, businesses should strive to improve the cyber-literacy of their employees and limit workers’ ability to access and distribute sensitive information, he said. Businesses also should make sure that equipment, software and websites are properly configured and maintained.

During his presentation to AARP members in Sioux Falls, Abagnale also said most data beaches occur because someone within a company did something wrong or because a person failed to do something that should have done. Follow protocol, he urged.

Before he speaks to a large company, Abagnale said he drops memory sticks marked “confidential” around the employee parking lot. The sticks carry a message that says something like, “This is a test. You failed.” Then during his presentation, he checks on a laptop to see how many of the sticks got plugged into a computer rather than disposed or turned in for testing.

Memory sticks coming from an unknown source could carry malware, so employees must be trained not to help potential thieves by plugging them into a company computer, Abagnale said.

He also noted that the number of electronic files that have been breached in the United States already exceeds the population. Most people’s personal information probably has been stolen already. However, a theft might go unnoticed for years because thieves tend to save stolen information to sell or use later. The bottom line: Keep your guard up.

Take a look at the AARP Fraud Watch Network for more details and to find out whether you can "Catch The Con." 

For more information about SDN and its security services, visit the SDN Communications website