How to Protect Your Business from Hacking and Data Breaches

In this day and age, it’s common to see large breaches and hacks, whether they be data-related or, quite frankly, a bit more personal.

In 2018, the biggest data breaches included T-Mobile, Quora, Google, BestBuy and Facebook. More recently, Amazon CEO Jeff Bezos had his personal text messages leaked amidst his divorce. How does this even happen?

That question has been covered in plenty of discussions and presentations, and the answer is simple: we are just not as protected as we think we are. With the use of third-party apps and unprotected wi-fi networks, we often unknowingly sign away our security.

The weak points get weaker when we spread it across a team of employees. So, how do you protect yourself and your company from dangerous technological hacks and breaches?

John Balitis, a Member of the Jennings Strouss & Salmon Law Firm in Arizona, who specializes in employment law and labor relations, weighs in:

“Security measures for technology that’s used by employees in and outside the workplace have largely been reactionary. Hackers who focus their attention at breaching business systems spend their days developing new ways to do so, while business IT professionals have a variety of other demands besides just security. It’s hard to keep step with hackers, let alone get out in front of their curve. That said, there are many steps businesses can take to be more proactive about protecting themselves.”

Here are the top 5 ways you can quickly improve your company’s protection of proprietary information from breaches and hacks.

1. Have a strong tech security system.

Balitis recommends enabling: “strong passwords, automatic locking after periods of inactivity, establishing protocols for reporting lost or stolen devices, mandating certain antivirus and protective software, and requiring or strongly encouraging regular backups.”

2. Give traveling employees access to company-approved Wi-Fi hotspots.

Free wi-fi usually means an unprotected network. If an employee logs into the complimentary airport hotspot, he or she potentially exposes their device and your company to hackers. For team members who are usually on-the-go, provide a secure hotspot connection to reduce this risk.

3. Avoid work-related conversations on personal devices, especially through texting.

This can become a legal issue if managers are discussing employees or private company information through texting. If this information becomes visible, it can garner a plethora of lawsuits, depending on the nature of the conversation.

4. If employees use their personal devices for work, implement mobile device management.

The Bring You Own Device (“BYOD”) approach to technology has become popular for businesses because it reduces costs by avoiding the need to purchase hardware for the workforce. At the same time, it’s convenient for employees because it eliminates the need to use two devices—for work and personal communications. Despite these benefits, BYOD systems can create great security risks of not paired with the right software. BYOD businesses need to implement mobile device management (“MDM”) for these dual purpose devices that allows the employer to partition business and personal data and, more importantly, enables the employer to regulate entirely the business side of the device.

5. If BYOD Is Your Approach, Implement a Strong Policy to Complement the Software.

Balitis concludes:“If you implement BYOD and MDM at your business, the system will only be as good as how well you explain it to your workers. Their primary concern is privacy. Yours is security. A strong written policy will put workers’ minds at ease about whether their personal information can be compromised or lost while at the same time giving you, the business, the greatest level of access to the device for purposes of protecting your data. Consult with counsel to draft and roll out a comprehensive policy in this area to get the most out of your system without sacrificing morale.”

Copyright © 2019 Jennings, Strouss & Salmon, P.L.C.

Please note that this presentation has been prepared by Jennings, Strouss & Salmon, P.L.C. for informational purposes only. These materials do not constitute, and should not be considered, legal advice, and you are urged to consult with an attorney on your own specific legal matters. Transmission of the information contained in this presentation is not intended to create, and receipt by the reader does not constitute, an attorney-client relationship with Jennings, Strouss & Salmon or any of its individual attorneys.