Security breaches are all around us . . . one cannot turn to the news without seeing some big-name entity hacked and customer data being revealed. If it happens to the Big Guys, what can smaller going concerns do?
One thing that must be done is to properly assess the risk, look at the digital assets you possess and then create a reasonable plan. Do you have to build a fortress around your database? No, not likely but you will have to take reasonable steps to ensure the safeguarding of that information. What constitutes ‘reasonable steps’? Ahh, that’s the question. It is a mix of things – the type of data you possess, your size (are you a 5 person firm or 50?), your industry, the state and federal requirements you operate under, etc.
This is the advantage of calling in a 3rd party – not only do you get the specialists to look at this area (something that is very technical), but you also get to shift the risk to us and point to our work if anything happens down the road. This is huge.
We had a client call us the other day and they were the subject of a sophisticated scam in which they not only lost out financially, but had their core systems compromised by someone in another country. They had sensitive client data and we were called in to assess the situation, create a plan for rehabilitation and bring them back to a good operational state in which no traces of the former exploit was noted. In other words, they could go back to work knowing that any future investigation would clear them based on their pro-active steps.
by Michael Cecchini