One of the largest, most famous cyber security hacks recently struck a national retail giant after one of its subcontractors opened a phishing email, giving hackers access to its client’s sensitive information.
Here are five key things to consider when it comes to keeping your confidential information under wraps:
- Cyber security isn’t a technology problem; it’s a people problem. Everywhere we turn, there’s another software or technology designed to fight cyber security issues. But even the best, super cyber technology can’t be effective when well-intentioned people (and that includes your vendors and agency partners) allow confidential information to be easily accessed by criminals who are actively looking for it.
- If it looks like a duck and quacks like a duck … it might just be a wolf. Today, cyber criminals have become really good at fooling smart people into believing an email or other communication is from someone they trust. Don’t take any communication at face value. Look for the slightest indication that a message might not be from who you think it’s from. If they’re asking you to do something unusual or extraordinary, question it. Confirm with that individual in person or via phone (not by replying to a questionable email).
- Keep it to yourself. It’s human nature; we all tend to share more information than we should. Make sure your team and your vendors think twice before sharing, sending and saving information. Be certain your team is sharing only what is absolutely necessary and nothing more. And only share through secure channels (never use a personal email account for sharing sensitive information, and make sure your vendors follow the same rules).
- Don’t leave the social media front door unlocked. Social media is an essential part of every brand’s marketing strategy. But, while we strive to engage customers and draw them into conversation, we need to be sure we’re not opening the door for criminals to walk in to ransack the place. Make sure your team and your agency are aware of what types of information—individually or collectively—are bad news to post.
- Get smart. Don’t allow yourself to get schooled the hard way. Get training for every one of the folks on your team. And get proof that your agency and all vendors (printers, photographers, freelancers, etc.) all have had sufficient cyber security training and have strict policies and practices in place to protect your sensitive information. An NDA is a start, but it’s only a promise, not a defined practice.
At Gatesman, we take confidentiality and our commitment to protecting our clients’ sensitive information very seriously. That’s why the agency has engaged nationally recognized cyber security experts, KnowB4, and requires every agency employee to participate in ongoing cyber security training.