5 Data Breach Prevention Tips

Topics: Cyber Liability

Summary: A data breach can devastate a business of any size. In this article, we'll take a look at the data breach warning signs all companies should know, and the steps they can take to help prevent them.

2019 was not a good year for data breaches. In fact, research firm Risk Based Security called 2019 "the worst year on record" for breaches, with over 5,100 breaches in the first nine months of the year alone exposing 7.9 billion records. This number represented a 33% increase from the same time period in 2018.

One might think we've used our knowledge of previous cybersecurity attacks to better understand how to prevent a data breach, but this, unfortunately, is not the case. In the first quarter of 2020, data breaches exposed records at a rate increase of 273% over last year. Big names like Twitter, Marriott (who also experienced a major breach in September 2018), MGM and Zoom all became victims of data breaches earlier this year. And, hackers have used the COVID-19 to their advantage with social engineering scams rising during the pandemic.

Companies have grown more aware of the various types of data breaches and their impact on their brand, reputation and customer loyalty, not to mention the costs involved to properly notify all parties of the breach. It's more important than ever that all businesses understand how to recognize the early warning signs of a data breach, the steps they can take to help prevent them, and how to protect themselves from certain losses incurred from a cyberattack.

How to Recognize a Data Breach

First and foremost, businesses of all sizes need to stay informed. This means learning about the different types of cybersecurity attacks they may be vulnerable to, such as phishing scams, social engineering and ransomware, and providing robust employee training to help avoid them.

Additionally, some of the warning signs to watch for that can help you detect a data breach early include:
  • Unusual Behavior: If a program acts up, it could simply be a software or hardware malfunction, but it could be something much worse. Check the system for other irregularities.
  • Suspicious Files: If malware is detected or a user reports opening a suspicious file, don't take any chances. Assume that the malware has infected something, and don't stop investigating until you find out what, if anything, was breached.
  • Compromised System Communications: Regularly review communication patterns on the network. If an employee's computer is accessing other workstations or transmitting large amounts of data to somewhere outside of the network, this could be a sign of a compromise.
  • Outdated Security Programs: Keep anti-virus and anti-malware programs up-to-date. Also, run vulnerability programs, such as Microsoft Baseline Security Analyzer, to look for missing patches and other security risks.
  • Changes in Credit Ratings: Customer information isn't the only confidential data on the server. Chances are, there's plenty of information about your own company, too. Changes in your credit rating could be an indication of fraud and a sign of a data breach.

How to Prevent Data Breaches

Now that you understand the warning signs of a data breach, the next step is to understand some of the security measures your business can take to prevent them. In the spirit of National Cybersecurity Awareness Month, here are some data breach prevention tips to keep in mind throughout the year.

Data Breach Prevention Tip #1: Set Security Protocols on Company Premises

Security protocols should include the cybersecurity policies and procedures needed to help keep sensitive company information safe. Creating protocols is one of the best ways to help prevent data theft by ensuring unauthorized personnel do not have access to data. Only authorized employees should be allowed to view sensitive information. Businesses should have a clear understanding of the data that could become compromised to mitigate the risk of a cybersecurity attack.

Data Breach Prevention Tip #2: Understand How to Classify Data

Classifying data within an organization helps businesses understand what level of protection it requires. All data can pose a risk to a business. Use the "5 Ws" questions - what, who, where, when and why - used by journalism professionals or police investigators to fully understand the complete story of the type of data that needs safeguarding.

Data Breach Prevention Tip #3: Keep Data Safeguarded

Many data breaches result from employee error, so ensure all employees are well-trained on how to keep sensitive information protected. Employees should only have access to the information vital to their particular roles within the company. Additionally, consider records retention programs requiring employees to purge files both on their computers and any hard copies they keep (according to the program), destroying the information properly. This means using special software designed to wipe the hard drive or regularly shredding paper files.

Data Breach Prevention Tip #4: Implement Password Protection

One of the best things a small business can do to stay protected from a data breach is to utilize strong passwords for every site accessed daily. Tips for creating strong passwords include creating unique passwords for different accounts and using a mix of letters, numbers and symbols. Additionally, passwords should never be shared amongst employees or kept written down where others can see them.

Data Breach Prevention Tip #5: Update Security Software Regularly

Companies should utilize firewalls, anti-virus software and anti-spyware programs to ensure that hackers cannot easily access sensitive data. However, these security programs also require regular updates to keep them free from vulnerabilities, so make sure to check any software vendors' websites to learn about upcoming security patches and other updates.

National Cybersecurity Awareness Month: If You Connect it, Protect it

National Cybersecurity Awareness Month (NCSAM) kicked off its 17th year this October to ensure every American understands the importance of cybersecurity This year's theme is "If you connect it, protect it," serving as a reminder that everyone, from individuals to large corporations, must do their part to keep our interconnected world safe and resilient.

Cyber Liability Insurance for Small to Mid-Sized Businesses

Cyber Liability Insurance policies from AmTrust can help protect small businesses from some of the costs associated with responding to various cybersecurity attacks. We are committed to evolving our coverage as new cyber threats emerge for our insureds. Our policies generally cover indemnification for legal fees and expenses, provide customer notifications in the event of a breach, and include the option to monitor the information of anyone impacted for a specified period. To learn more about cyber liability insurance from AmTrust, please contact us today.

amtrust cyber insurance banner

This material is for informational purposes only and is not legal or business advice. Neither AmTrust Financial Services, Inc. nor any of its subsidiaries or affiliates represents or warrants that the information contained herein is appropriate or suitable for any specific business or legal purpose. Readers seeking resolution of specific questions should consult their business and/or legal advisors. Coverages may vary by location. Contact your local RSM for more information.

Time Zones