What companies can learn from the Equifax Security Breach
On September 7th, Equifax announced that they had detected a security breach which compromised the personal information of 143 million Americans. The information is said to have included names, addresses, social security numbers, and credit card numbers. Millions of consumers are now wondering which companies they can trust with their data. The Equifax security breach is a wake-up call to businesses who need tighter security of their records, documents, and all sensitive content. Every company can take basic measures to safeguard their data, but beefing up password strength isn’t enough these days. You need security for your documents built into your very business processes. An up-to-date enterprise content management system can provide that. These are the ways your company can prevent a security catastrophe before it happens.
Act on a company security audit
Equifax reportedly received security audits of their business processes, as well as the open source software that they were using for large scale financial operations. However, after receiving this critical information, they did not act fast enough. It is easy to have an audit done, and sometimes it is cheap or even free. The tough part is acting on the information. You may need to halt and then completely revamp some of your key processes, including those directly linked to revenue. Think of it this way: taking some time to make changes now will prevent the years of financial hemorrhaging that compromised data brings.
A security audit of your mission critical applications and business processes will highlight which software you’re using has known loopholes. You may learn which processes in your company could benefit from digitization. The important takeaway is to act on these security discrepancies, no matter how big or small. If you know they’re there and then don’t take preventative measures against a breach, you’re not helping the problem.
The low hassle measures you can take right now
The most obvious measures you can start with are anti-virus and anti-malware software. Some companies choose to simply use Windows Defender on their PCs. This is built in with Windows 10 and does a decent job. You can pair that with Malwarebytes. Other companies choose Avast or Avira. Or you could try less conventional software like WebRoot. Some anti-virus programs even act as malware and can damage your PC or send files to a third party with the security permissions you grant it, so you can never be too cautious. Always make sure to carefully read reviews of your anti-virus options before selecting.
With so many companies still conducting business on paper, it’s no wonder that documents are misfiled, lost, accidentally deleted, destroyed, or even stolen. In 2015 alone, 6,025,821 records containing sensitive information were accidentally compromised. Accidentally. That is less than 1% of the total number of sensitive records reported compromised in 2015. Digitizing your records is the best way to ensure redundancy of crucial files and paperwork. It allows you greater control over file manipulation on your company’s servers. It also consolidates document locations so that you can worry less about losing all of your important records to natural disaster.
Tightening security among members of your own company can be done with simple, but strict, rules. Every employee should avoid writing down passwords, especially near their work station. The safest place to put a password is in your own memory, so encourage employees to work on their mnemonic aids. If this is not an option, a program like Keepass keeps passwords secure and accessible without outside parties having easy access.
Enterprise Content Management
No matter how good your malware protection or how often you remind employees about password guidelines, human error is always a possibility. Enterprise Content Management allows an administrator to set permissions for different employee types, including which “rooms” in the software an employee can access and what actions that employee can take on a document. The best way to prevent a mistake made in the midst of a process is to establish rules for that process ahead of time. ECM allows exactly that.
In 2015, the average cost to detect, respond to, and mitigate a breach globally was $7.7 million. This is not counting the aftermath and damages that said breach caused. Some ECM solutions have security by way of file encryption. Some, like Contentverse, use multi-layered encryption. Along with permissions settings from administrators, documents are not only safeguarded from hackers, they are also protected from employee error or even deliberate internal security breaches. With approval steps in an intelligent, automated workflow, documents don’t make it into or through the system without inspection either. So even the files you process into Contentverse can’t lead to a security crisis.
Security for your company is security for your customers
When your employees follow password guidelines, your machines are outfitted with anti-malware and anti-virus software, and your files are secure in an Enterprise Content Management system, your company is doing its part to keep your customers safe. What’s even better about this is that document security is a selling point. Most of your competitors cannot boast full measures to protect consumer information. When you tell your customers that their information is secured carefully and redundantly, they know that yours is a company they can trust.
The most important takeaway from the security breach is that you can never have enough protection for your clients. After all, they’re the reason you do business. You owe it to them and to your company’s prosperity to invest in the very best in ECM solutions.