Creating "Cycurity" Training
Training corporate executives on how to protect their data is a growing agenda. Today, Safe America involves major companies such as PWC, Core ID Services and Rasmussen Swanzey in providing insights into what needs to be done to secure your data - and that of your employees and customers.
Through drills such as PWC's 'Game of Threats,' we can advance your insight into improving business continuity.
Cyber/Cloud Drill
Working with Fractional Network, Safe America is developing an exercise to help protect the Cloud. Learn more by contacting us!
Global Exercise
Thanks to Australian consulting firm ‘Availias,’ Safe America has hosted a global exercise - from London to New York, Atlanta, Washington, DC and Sydney, Australia! Learn more by studying the results.
Software / Technology
Safe America works with firms worldwide to develop new apps for smartphones as well as encourage the introduction of new technology.
The subject of Cyber Security is an important one in the minds of leaders in every organization today. The rapid rise in cyber-attacks - with high-profile companies and government agencies having been affected in the USA and abroad - makes this subject a focal point that formed one of the key areas of attention at our Training for Safety Conference in Atlanta in October this year.
This is the first exercise of its kind that SafeAmerica/WorldSafe has delivered to the business and government communities in conjunction with this high-profile conference and extended exercise event.
Len Pagano, President & CEO of SafeAmerica/WorldSafe
Training corporate executives on how to protect their data is a growing agenda. Today, Safe America involves major companies such as PWC, Core ID Services and Rasmussen Swanzey in providing insights into what needs to be done to secure your data - and that of your employees and customers.
Through drills such as PWC's 'Game of Threats,' we can advance your insight into improving business continuity.
Personal Security
Credit cards are the safest way to pay for online purchases because you can dispute the charges if you never get the goods or services or if the offer was misrepresented. Federal law limits your liability to $50 if someone makes unauthorized charges to your account, and most credit card issuers will remove them completely if you report the problem promptly.
In any transaction you conduct, make sure to check with your state or local consumer protection agency and the Better Business Bureau (BBB) to see if the seller, charity, company, or organization is credible. Be especially wary if the entity is unfamiliar to you. Always call the number found on a website’s contact information to make sure the number legitimately belongs to the entity you are dealing with.
Crooks pretending to be from companies you do business with may call or send an email, claiming they need to verify your personal information. Don’t provide your credit card or bank account number unless you are actually paying for something and know who you are sending payment to. Your social security number should not be necessary unless you are applying for credit. Be especially suspicious if someone claiming to be from a company with whom you have an account asks for information that the business already has.
Don’t send sensitive information such as credit card numbers by email because it’s not secure. Look for clues about security on Web sites. At the point where you are asked to provide your financial or other sensitive information, the letters at the beginning of the address bar at the top of the screen should change from “http” to “https” or “shttp.” Your browser may also show that the information is being encrypted, or scrambled, so no one who might intercept it can read it. But while your information may be safe in transmission, that’s no guarantee that the company will store it securely. See what Web sites say about how your information is safeguarded in storage.
They are often fraudulent. If you are familiar with the company or charity that sent you the email and you don’t want to receive further messages, send a reply asking to be removed from the email list. However, responding to unknown senders may simply verify that yours is a working email address and result in even more unwanted messages from strangers. The best approach may simply be to delete the email.
Legitimate companies and charities will be happy to give you time to make a decision. It’s probably a scam if they demand that you act immediately or won’t take “No” for an answer. Some scammers may also demand you pay off a loan immediately or damaging consequences may occur, always take time to look into who is requesting the money before you pay up.
If someone claims that you can earn money with little or no work, get a loan or credit card even if you have bad credit, or make money on an investment with little or no risk, it’s probably a scam. Oftentimes, offers that seem too good to be true, actually are too good to be true.
A legitimate seller will give you all the details about the products or services, the total price, the delivery time, the refund and cancellation policies, and the terms of any warranty. Contact the seller if any of these details are missing, if they are unable to provide the details, it may be a sign that it’s a scam.
Credit bureaus compile marketing lists for pre-approved offers of credit. These mailings are a goldmine for identity thieves, who may steal them and apply for credit in your name. Get off these mailing lists by calling 888-567-8688 (your social security number will be required to verify your identity). Removing yourself from these lists does not hurt your chances of applying for or getting credit.
If you find accounts that don’t belong to you or other incorrect information, follow the instructions for disputing those items. You can ask for free copies of your credit reports in certain situations. If you were denied credit because of information in a credit report, you can ask the credit bureau that the report came from for a free copy of your file. And if you are the victim of identity theft, you can ask all three of the major credit bureaus for free copies of your reports. Contact the credit bureaus at: Equifax, 800-685-111; Experian, 800-311-4769; TransUnion, 800-888-4213.
In addition to the rights described above, a new federal law entitles all consumers to ask each of the three major credit bureaus for free copies of their reports once in every 12-month period. Go to www.ftc.gov/credit or call 877-382-4357 for more details and to see when you can make your requests. You don’t have to ask all three credit bureaus for your reports at the same time; you can stagger your requests if you prefer. Do not contact the credit bureaus directly for these free annual reports. They are only available by calling 877-322-8228 or going to www.annualcreditreport.com. You can make your requests by phone or online, or download a form to mail your requests.
Why pay extra for them when you can get your credit reports for free or very cheap? Read the description of the services carefully. Unless you’re a victim of serious and ongoing identity theft, buying a service that alerts you to certain activities in your credit files probably isn’t worthwhile, especially if it costs hundreds of dollars a year. You can purchase copies of your credit reports anytime for about $9 through the bureaus’ Websites or by phone: Equinox, 800-685-111; Experian, 800-311-4769; TransUnion, 800-888-4213.
Business Security
Protect all pages on your public-facing websites, not just the checkout and sign-up pages.
Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.
Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel.
Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud.
Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations related to agreements with your bank or processor. Isolate payment systems from other, less secure programs and do not use the same computer to process payments and surf the Internet.
Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account.
Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites. Depending on the nature of your business, employees might be introducing competitors to sensitive details about your firm’s internal business. Employees should be informed about how to post online in a way that does not reveal any trade secrets to the public or competing businesses. Hold employees accountable to the business’s Internet security policies and procedures.
Establish policies on how employees should handle and protect personally identifiable information and other sensitive data. Clearly outline the consequences of violating your business’s cybersecurity policies.
Safeguard your Internet connection by using a firewall and encrypting information. If you have a Wi-Fi network, make sure it is secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.
Make sure each of your business’s computers is equipped with antivirus software and antispyware and update regularly. Such software is readily available online from a variety of vendors. All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install updates automatically.
Charles Pagano
Mel Dowdell
Damion Olinger
Call us on
770.973.7233
Visit Us
340 Boulevard NE Atlanta GA 30312
Email us at
MaryLou.Pagano@safeamerica.org