Cybersecurity tips and tricks by Benjamin Dynkin right now? An attack that directly or indirectly targets your customers would be disastrous not only for the customers but also for your company. The public relations catastrophe alone could be enough to ruin the business, not to mention the financial aspect. It could take years for people to trust you again, if ever. We’re not saying you’ve hired any shady characters, but employees are a common source of security breaches — 60 percent of them occur within the company, according to a survey by the International Data Corporation [source: Staff Monitoring]. For that reason, employees should be given access to only as much sensitive information as they need to do their jobs, and no one person should be able to access all data systems. Employees should be required to get permission before they install any kind of software on their work computers. Lock up laptops when they’re not in use. Read more info on Benjamin Dynkin.

Make Sure Employees Look for the S in HTTPs When Searching the Web. Employees will, from time to time, use the corporate IT network to visit websites or sign up for services, either for personal use or for the company. Before submitting any information, they should always be on the lookout for the padlock and HTTPS in the address bar. If the site is unprotected, they should not enter any information. Note: It’s important to also educate employees on phishing websites (see tip 15 below). There have been cases of phishing websites using Domain Validated (DV) SSL Certificates to make their sites look more “real” and “trustworthy”.

Lock Devices Down. Most smartphones, laptops, and tablets come equipped with security settings that will enable you to lock the device using a PIN number or fingerprint ID. Do this on every available device. While traveling, change the PIN numbers you regularly use. In the event that any of your devices have been momentarily misplaced or forgotten, this will be the first line of defense against a security breach.

Learn about Phishing Scams – be very suspicious of emails, phone calls, and flyers. We recently blogged that phishing scams are nastier than ever this year. In a phishing scheme attempt, the attacker poses as someone or something the sender is not to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user’s system with malware, trojan, or zero-day vulnerability exploit. This often leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts.

Benjamin Dynkin about data breaches: Devices in the IoT sector are proof that we are increasingly valuing convenience over security. Many “smart home” products have gaping flaws, like lack of encryption, and hackers are taking advantage. Since new digital products, services, and tools are being used with minimal security testing, we’ll continue to see this problem grow. However, even if the backend technology was set up perfectly, some users will likely still have poor digital habits. All it takes is one person to compromise a website or network. Without comprehensive security at both the user and enterprise levels, you are almost guaranteed to be at risk. Protecting yourself and others starts with understanding how a data breach occurs.