skip to main content

BizConnect online banking is about to get even better!

Here's great news! We are launching a new business online banking experience that will make managing your business finances easier than ever.

What's New...

BizConnect will now be known as Business Online Banking. A fresh, new look and seamless functionality will make Business Online Banking simple to use with convenient access to your most commonly used services.

Learn More Today   Continue to Login

NLNB Blog

Small Breaches Can Make Big News: How to Protect Your Organization

<a href="https://cyberscout.com/education/blog/small-breaches-can-make-big-news-how-to-protect-your-organization">Small Breaches Can Make Big News: How to Protect Your Organization</a>

A recent leak compromised the personal data of all 4,557 active students at the California State Polytechnic University Science School.

This was not a case of hackers gaining access through illicit means or an accidental exposure of an unsecured database. The data was inadvertently sent in a spreadsheet as an email attachment by a university employee. It included names, home and email addresses, gender, ethnicity, as well as academic performance.

“It was somebody making an honest mistake. Significant mistake, I’m not minimizing that, but it was just an honest mistake,” said Tim Lynch the associate vice president for Strategic Communications to a campus newspaper.

While the leak itself was quickly identified and the information didn’t contain Social Security numbers or any other information that could be leveraged in a credential stuffing attack, it does provide a clear object lesson for organizations and businesses alike: Data leaks and breaches have become a common enough occurrence that even comparatively minor incidents can garner a wave of negative publicity, significantly damage customer or member confidence, and open the way to expensive fines and litigation.

While the personal data of 4,557 students, or 2,800 Girl Scouts, or 3,000 Minnesotans might pale in comparison to the steady flow of mega breaches from the likes of Equifax or Collection #1-5, but any of them have the ability to effectively sink a business financially. The most recent Ponemon study suggests that the average cost of a data breach is $3.86 million – and it’s likely to rise as more governments levy fines for negligence, and customers increasingly blame businesses for data breaches instead of hackers. And that’s saying nothing about the damage caused by a breach or compromise to an organization’s reputation.

A company the size of Facebook or Microsoft may be able to weather the consequences of poor data management, but most companies and organizations can’t. Fortunately, much of the risk can be mitigated through employee training in the practice of good data hygiene (the employee who leaked the student records really should have double-checked the attachment they were sending), but that doesn’t address the cyber culture that allowed such a trove of information to reside in a spreadsheet to begin with.

Some basic tips for any business or organization:

  • Treat any personally identifiable information as privileged: it should only be accessible via login and password from pre-vetted users.
  • Require a VPN to log into your network remotely; anyone accessing your workplace’s data should need to be an authorized user at your organization, regardless of their location.
  • Re-consider BYOD: every employee’s phone connecting to the network exponentially increases your risk of a data breach and that increases further with every app installed on every device. If someone needs a mobile phone to do their job, supply them with one.
  • Create a workplace policy where employee passwords are assigned rather than chosen (less password re-use), changed passwords regularly, require 2-factor authentication, and where accounts have access revoked as soon as an employee is no longer with your company or organization.

Link to original article

Local People. Local Decisions. Local Ownership.
NebraskaLand National Bank is committed to website compliance with the Americans with Disabilities Act.
We strive to make our site useful and accessible to everyone. If you have questions or comments regarding the website please contact us.
copyright © 2004-2019 NebraskaLand National Bank. All rights reserved. / sitemap / Admin Login
top
^