Massive breaches of computer data have become routine in the United States. One major American business after another seems to be alerting its customers that cyber hackers have gained unauthorized access to private information.
Anthem Inc., a health insurance provider, was the target of one of the latest, biggest and most successful attacks by international cyber thieves.
I’m personally miffed about the Anthem attack because I’m among the approximately 80 million people whose Social Security numbers and other personal information apparently have been exposed.
'Employees are the weakest link in the business security chain.'
The data breach at Anthem is more than a small inconvenience. The information hackers obtained could be of value to identity thieves for years to come.
IT was discouraging to read that Anthem, citing corporate policy, had refused before and after the attack to allow the U.S. Office of Inspector General to conduct “standard vulnerability scans and configuration compliance tests.” (Read about that controversy.)
Anthem might have had a good reason for refusing to cooperate with government auditors, but its failure to do so won’t help it fight all the bad publicity it’s getting.
Until recently, I hadn’t even realized that Anthem had my personal information. My health coverage is through another big-name company. But in addition to offering health insurance, Anthem apparently manages health plans for other companies. Obviously, it needs to do a better job providing that service.
I learned in a letter from Anthem that my personal information might have been exposed. I also was advised of some precautions to take. I was warned, for example, not to respond to emails that might appear to come from Anthem but actually be coming from a sender phishing for personal information. Thanks, but it’s probably a little late for that advice. Anthem already has made that information vulnerable.
I’ve requested fraud-alert service from the three nationwide credit bureaus, as suggested by Anthem, and I’m considering taking other security steps.
For other companies responsible for storing information about their clients or other sensitive business information, the time for wake-up calls is over. In addition to what happened at Anthem, data breaches have occurred at companies such as Sony, Target, Home Depot and JP Morgan Chase. The growing list of companies that have been hacked attests to an urgent need for preventative action, not just an awareness of potential problems.
Companies such as SDN Communications can help companies protect their data-storage equipment. Properly educating employees is a big part of security solutions, too.
Judging from security experts quoted in news reports, cyberattacks often come from the inside. In some cases, company employees simply are unwittingly duped into providing sensitive identification or password information to cyber thieves.
The website SecurityInfoWatch.com notes that employees are the weakest link in the business security chain.
”While businesses have done an excellent job in the last decade of improving the process and technology aspects of IT security, they’ve fallen short in training their own employees to defend and protect their company information,” according to a post by David Barton published on SecurityInfoWatch.com.
After the high-profile hack at Sony Pictures, the website WeLiveSecurity.com offered some practical advice to companies and consumers. WeLiveSecurity is the brainchild of ESET, an IT security company based in Slovakia. Some of its key suggestions include:
- Don’t use email for sensitive communications.
- Segment network functions and control who has access to each segment of information. Access to one area should not provide access to all areas.
- Store passwords securely.
- If something seems wrong, don’t ignore it. Check it out.
- Have a plan prepared in advance for dealing with a breach.
With cyberattacks on American businesses increasing in frequency and severity, taking steps to protect electronic assets has become more urgent than ever.
SDN can help businesses and institutions. In addition to providing broadband connectivity, SDN offers a variety of communications products and services to transport, store and protect electronic information.
Businesses and institutions interested in a consultation should contact an account executive or technical support staffer at SDN. For more information, call 800-247-1442 or contact their experts through the website.