Cody Gredler

About Cody Gredler

Cody knows cyber security. As CSID’s Director of Marketing she has a keen understanding of what is going on both in the news and behind the scenes with the latest breaches, security threats and identity theft scams. Cody writes about the latest industry news, breaches, identity theft trends and often shares helpful security tips for both businesses and consumers.

Technologies To Up Your Security

By | April 25th, 2017|Online Safety|

CSIDIn our fast-paced, increasingly digital world, more data is being shared and transferred than ever before. As we rely more and more on our digital devices, we must be aware of the risks that come with increased connectivity and take the necessary steps to help keep our information secure.

In the U.S. last year, there were up to 1,000 mobile malware attacks happening every hour. It’s no coincidence that cyber criminals are focusing their efforts and honing their skills on mobile attacks – cyber criminals are aware that mobile devices have become an extension of ourselves and are a high-value target. While you may not be able to make yourself completely immune to attack, there are many technologies and features on your mobile and other devices to help minimize risk.

Technologies to Turn On
Many of the technology features available right at our fingertips can help improve our security. To add an extra layer of protection to your accounts, enable two-factor authentication (2FA) whenever possible. This can take a variety of forms – enabling 2FA on an online banking account, for example, may send an additional code to your phone. If someone discovers your password, they won’t be able to access anything unless they also have your smartphone. 2FA may also take the shape of an additional security question, or entering a unique pin code, before you are able to access your account.

Especially when you’re traveling, it’s worth creating and connecting to a virtual private network (VPN). Wi-Fi options can be limited on vacation, and connecting to public Wi-Fi, which transmits data in cleartext, could allow a remote attacker to identify and extract information. With a VPN, if you need to access sensitive information, your IP address and personal details will remain hidden. VPN connections are encrypted, so even if an attacker captures the traffic, they will only see a handful of indecipherable characters.

While using unique, strong, passwords for your accounts is always recommended, there are additional steps to take to up your security. Strengthen your online accounts by utilizing authentication tools, such as biometrics or security keys, Another technique is to put a PIN lock on your SIM card, which prevents anyone from using your SIM on a different phone. If you were to lose your phone, these all provide an extra layer of security. Invest some time in learning the privacy and password settings of your phone to make sure you’re taking full advantage of these features.

At the rate technology is evolving, it can be difficult to stay on top of threats. Consider enlisting the help of a monitoring service to notify you if something is awry with your monitored personal information. These notifications empower you to respond quickly to a potential identity theft event so that you can minimize your risk.

Technologies to Turn Off
While new technology strives to make our lives easier and more convenient, sometimes having specific features “on” can contribute to a more insecure device. Particularly on our smartphones, there are several settings that may be worth disabling to minimize the risk of attack. For example, consider turning off Wi-Fi and Bluetooth when you’re not using them. If these features are on, they will constantly be searching for networks and devices to connect to in the area. For networks that span wider spaces, your movements could be tracked. Similarly, turning off your phone’s “Location” function will limit others from tracking the location of your phone. Keep in mind that you can always turn this feature back on if you need to use GPS. Turning off the “Location” function will also help with both your social media and SMS messaging because potential criminals won’t be alerted to your whereabouts. You might not think about risks associated with a phone’s geotagging and location functions, but they could be used for malicious purposes.

As cyber criminals continue to target mobile devices, it’s on all of us to ensure we’re taking the necessary steps to improve our security. Do you have a technology feature or best practice that helps you stay secure? Join the conversation – get in touch with us on Facebook, Twitter, or LinkedIn.


Protecting Yourself Against Tax Identity Theft

By | March 7th, 2017|Identity Protection|

CSIDEvery year, tax season gives way to a fresh wave of identity theft-related crimes that affect millions of Americans. In 2015, the U.S. Federal Trade Commission tracked a whopping 47% increase in identity theft complaints. Tax refund fraud was a major contributor to this spike, with FTC Chairwoman Edith Ramirez naming tax refund fraud as the “largest and fastest growing ID theft category” tracked by the commission.

Tax-related identity theft crimes involve thieves using stolen Social Security numbers to file tax returns and cash in on refunds. Tax identity theft victims usually discover the crime when their returns are rejected because scammers have already filed. It’s important to note that even those who are not required to file a return can also fall victim to return fraud. Similarly, even if you’re not owed a refund from the IRS, you are also at risk for these crimes.

Although the IRS reported that their public-private partnership crackdown efforts have helped prevent millions of dollars in fraudulent reports in 2016, there are steps that individuals should take to help reduce the likelihood of tax identity theft:

  • File early: The best way to avoid falling victim to tax identity fraud is filing your state and federal taxes as soon as filing season begins. This usually falls on the second or third week in January.
  • Watch out for tax documents in the mail: Usually, employers and banks will send hard copies of tax documents in the mail, noting “tax documents enclosed” on the envelope. This is an easy target for identity thieves, but can be avoided by having your mail delivered to a mailbox that locks, a P.O. box, or by simply checking your mail frequently.
  • Safeguard your Social Security number: Any vulnerability to your SSN can result in fraudulent tax crime. Some best practices for protecting your SSN are shredding documents that include the number, only sharing on secure documents when required, and keeping your Social Security card in a safe place. If you believe your SSN is at risk, there are monitoring services available that will alert you if a fraudulent name or address has used it.
  • Beware of phishing scams: The IRS saw a 400% increase in phishing and malware incidents in the 2016 tax season. These scams, conducted via email or telephone, are disguised as official communications from the IRS, tax software companies, and other tax companies. The scammers ask for personally identifiable information like SSNs. The IRS does not initiate contact with taxpayers by email, text messages, or social media to request personal or financial information. If you encounter a phishing scam, report it to the IRS.
  • Request a free copy of your credit report annually: Consumers are legally entitled to a free copy of their credit report from each of the major bureaus every year, which include Experian, Equifax, and TransUnion. Proactively disputing unauthorized or suspicious activity is one way to get ahead of potential identity theft. The three national credit reporting companies created a central location for ordering credit reports, which you can do by visiting com or by calling 1-877-322-8228.
  • Data breaches and your taxes: If you’ve fallen victim to a data breach where your SSN was compromised, it’s likely that this information could be used to file a fraudulent tax return. The FTC recommends that data breach victims notify one of the three major credit bureaus to place a free fraud alert on credit files. Another recommended step is a credit freeze, which prevents access to credit records. In some cases, the IRS may contact breach victims to inform them of tax-related identity theft or if an e-file tax return was rejected as a duplicate. In these instances, submit IRS Form 14039 (see below), and continue to file your tax return.

Victims of tax-related identity theft should respond immediately to notices from the IRS that indicate fraudulent tax activity. You can contact the IRS Identity Protection Specialized Unit to report fraud at 1-800-908-4490. It’s also worth filing a police report or an IRS ID Theft Affidavit Form 14039, along with proof of your identity like your Social Security card. Record the dates you made calls and keep any copies of letters you sent, along with all tax documents and IRS notices.

Proactivity is key when combating any instance of identity theft. If you’ve experienced tax identity theft and want to share any lessons learned, join the conversation on Facebook, Twitter, and LinkedIn.

Tips for Staying Secure on Social Media

By | February 2nd, 2017|Online Safety|

CSIDWe recently celebrated Data Privacy Day, where industry leaders and experts shared security insights to help businesses and individuals protect themselves from cybercrime. Social media was a big focus throughout the day; in fact, Twitter celebrated by live streaming from its headquarters, hosting panels with some of the top minds in the industry. As social media continues to become more popular, there are new cybersecurity concerns to consider. Information that is shared on social media can be used to access other, more sensitive accounts – especially if that information is the answer to a password reset question, such as the name of a first pet or favorite teacher. Individuals and businesses alike can take basic precautions to minimize the risk of their information becoming compromised.

Social media networks are doing their part to keep their users’ information secure. Facebook just announced its updated “Privacy Basics” tool, which makes it easier for people to find the tools that control how their information is shared on Facebook. Twitter also updated their safety policy at the end of last year, allowing users to mute or report abusive or hateful content, even allowing bystanders to step in to report questionable content.

While we love seeing social media platforms upping their security, the responsibility ultimately falls on the individual to check out the privacy settings offered across platforms and use caution when sharing information. Here are a few tips and best practices to consider:

  • Facebook offers a Privacy Checkup, which walks users through their settings. The checkup reviews who can see your posts, which apps you’re using, and the privacy of critical pieces of information on your profile.
  • Turn on two-factor authentication. Many networks, including Facebook and Twitter, offer the option to have a security code sent to your phone whenever you log in from a new device. It’s a quick, convenient extra measure of security.
  • If you go on vacation, it’s tempting to share photos of your experiences as they happen. However, it’s best to wait until you’re back home to post. Otherwise, you’re alerting a potential cyber criminal to the fact that you’re away. An empty house is a much more attractive target for a thief.
  • While you’re at it, it’s worth turning off the geotagging feature of your networks. When you’re posting, there’s an option to share your location. Make sure that icon is unchecked, or people will know exactly where you are when you post. If you’re at home, they now have your address. If you’re out and about, they now know your home is unoccupied.
  • Keep your social media bios free of personally identifiable information. You can also remove the year from your birthday, and refrain from sharing other information like your mother’s maiden name or high school mascot, since they often serve as password reset questions to your online accounts.
  • When your favorite social media app offers an update, do this as soon as possible. Many updates fix bugs and potential vulnerabilities, so it’s worth taking the time to do it, even if it means waiting a few minutes before being able to log in.

What other tips do you have for staying secure on social media? Join the conversation on Facebook, Twitter, or LinkedIn.

Unlocking the Power of Data to Change the World

By | January 12th, 2017|Company News|

As part of the Experian family, we’re excited to participate in their #ExperianStories campaign with a story of our own.

For more than 10 years, we’ve had the immense privilege of developing innovative solutions to help businesses and consumers address growing threats related to breach and identity theft. We started in 2006 with four founders and now have more than 180 employees, offices in four different locations around the globe, and products spanning both credit and non-credit identity monitoring solutions.

We believe that harnessing the power of data plays a critical role in protecting consumers, businesses and society against growing cyber threats. The identity protection services we provide to businesses mine the dark web to alert consumers to instances where their identity may be at risk, empowering them to respond quickly and mitigate the impact of identity theft. Our access to this data and intelligence allows consumers to take a more proactive approach to protecting their identity.

Beyond the technology services we provide, we also believe in making the world a better place in other ways: through our culture and our people. We’ve maintained a long-standing tradition of giving back to and supporting the community in ways that make a positive impact. In fact, it’s been core to our culture since we started the company and remains a central part of our mission. We offer a variety of service opportunities for our employees throughout the year and encourage them to get involved in with organizations and causes for which they are most passionate.

Throughout the last 10 years, we have partnered with fantastic local organizations like Lifeworks, Operation Blue Santa, the Sustainable Food Center, and Girlstart. Just last month, we spent an afternoon sorting, bagging, and wrapping presents for families in need for Operation Blue Santa. It was an incredibly moving experience and we were glad to play a small role in spreading some holiday cheer. We look forward to deepening our relationships with these organizations, and volunteering with others, in the year ahead.

We’re fortunate to have a company where our people are moved by the power of data and technology to change the world – and are ready to volunteer their time to make the world a better place. You can find out more about why giving back goes hand-in-hand with CSID culture on our site.

Join in on the conversation by sharing your story and tagging #ExperianStories and follow along with all CSID news on Twitter, Facebook and LinkedIn.

Resolutions for a More Secure 2017

By | January 6th, 2017|Online Safety|

CSIDLast year is in our rearview mirror, and we’re moving full steam ahead into 2017. It’s around this time that people start focusing on their New Year’s resolutions. One resolution that should be on everyone’s list: improving personal online security. With the right resolutions, you can help minimize the risk of your information being compromised online.

Resolve to Use Strong Passwords and Update them Regularly
A quick look at the most common passwords from 2015 reveals a list that lacks complexity. The two most common are “123456” and “password,” with other easy-to-guess passwords like “football” and “abc123” high up on the list.

Yes, these passwords are easy to remember, but that also means they are easy to guess. Make a promise to yourself in 2017 that you won’t use your name (or a family member’s name, including pets) or birthday (or a family member’s birthday) in your passwords. Use long, strong, unique passwords with a mix of numbers, letters, and special characters. A technique that could help if you can’t think of anything is to start at a key on your keyboard and draw the shape of a letter. For instance, beginning at the “X” key, your password could be XdR5TgY&UjM, which makes the shape of the letter “M.” The end result is a password that’s difficult to crack but easy to remember.

Creating a strong password is the first step. To take your security even further, keep that password updated regularly – that means changing it every three to six months. Additionally, don’t reuse passwords across multiple apps and sites. Together, these steps will reduce the risk of your information being accessed.

Resolve to Think Before Clicking
Have you ever received an email or a link from a company or a person you knew, but something just seemed a little bit off? Maybe a word was misspelled, or the language just didn’t sound like it normally does. It’s possible the email was a phishing scam. Before you click on something that looks suspect, visit the sender’s website directly or give their customer service a call. And if the link was sent from a friend or colleague, pick up the phone and confirm they actually sent it themselves.

Resolve to Be More Proactive – And Make Your Devices Act Accordingly
Enabling two-factor authentication or setting up monitoring services can further bolster your protection. It’s always a good idea to keep an eye on your credit card and bank statements. If there’s a charge that looks unfamiliar, contact your credit card company or bank. Many credit card issuers give users the option of opting in to alerts if something seems out of the ordinary. It’s very easy to set these alerts up, and they’re incredibly helpful in keeping an eye on your data and sensitive information.

With these resolutions, you’ll be doing your part to make this year more secure. Another great resolution is to educate others: help a family member set up monitoring services, or encourage a friend to update their passwords. Together, we can help minimize the risk of cyber attacks.

Do you have any other cybersecurity resolutions for 2017? Share your tips with us on LinkedIn, Facebook and Twitter.

How the Election May Affect Cybersecurity for Consumers

By | November 16th, 2016|Industry News|

CSIDRegardless of where you stand politically, one thing we can all agree on is that the topic of cybersecurity took a prominent role in this year’s presidential elections – from concerns around hacks at polling sites to alleged cyber-attacks against the candidates themselves. Now that the election period has come to a close, the outcome will undoubtedly have implications for consumers, as several cybersecurity policies and practices come under discussion and key legislative decisions are made.

In 2016, we saw key moves from the White House, including the introduction of the Cybersecurity National Action Plan (CNAP), a plan seven years in the making which takes near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, and empower Americans to take better control of their digital security. As cybersecurity continues to garner growing national attention, we can expect it to remain a popular topic of conversation and influence decisions being made in 2017 and beyond.

We’re still in the early stages of learning about President-elect Trump’s plans for cybersecurity beyond the vision expressed on his campaign website, which includes the establishment of a Cyber Review Team and Joint Task Forces. Trump’s 100 Day Action Plan, the roadmap of priorities for his incoming administration, also promises to work with Congress to establish a “Restoring National Security Act,” a provision of which would go towards protecting the country’s infrastructure from cyber attacks. Trump has also promised a federal hiring freeze and a new requirement that two federal regulations be eliminated for every new regulation. If enacted, both of these policies could potentially impact existing cybersecurity regulations like the CNAP.

On the financial side, consumers could also be impacted by his promised reforms to the Dodd-Frank Act. Part of that act established the Consumer Financial Protection Bureau, a government organization that educates consumers on financial risks including identity theft and fraud.

As we learn more, it’s imperative that consumers understand the role they play in staying secure, regardless of policy decisions made at the state and federal levels. It’s the responsibility of all consumers and businesses nationwide to keep cybersecurity top-of-mind and take the necessary proactive steps to help safeguard their personal information. Here are some steps you can take – in five minutes or less – to up your personal security:

  • Turn on two-factor authentication (2FA) on your online email and financial accounts: By making the login process harder and more complex through incorporating this additional step, 2FA provides an extra layer of security for you against attackers.
  • Create long, strong and unique passwords: Take a few minutes to ensure all of your passwords include a long and cryptic combination of upper and lowercase letters, numbers, and special characters. Also avoid using easy-to-guess passwords, like your name, birthday, or pet’s name, and be sure to use unique passwords across accounts.
  • Opt-in to automatic updates: Software updates almost always address security vulnerabilities. Keeping your system updated with the latest software means you have the latest patches to defend against threats.
  • Check your privacy settings on social: Social platforms are constantly updating their security and privacy policies, with new features like 2FA that can help keep your information secure. Stay up to date with these policies to make sure you’re taking advantage of all security features.

Have more tips to share? Weigh in with us on Facebook, Twitter and LinkedIn.

Friday’s Cyber Attack and Future Threats

By | October 24th, 2016|Industry News|


Photo by: DownDetector

Friday was an interesting one for Internet users in the U.S. A large-scale Distributed Denial of Service (DDoS) attack took down a number of sites including Twitter, Netflix, and Amazon for a large part of the day. Many of us were left with a newfound sense of how much we rely on web-based services in our day-to-day lives and a growing unease about how vulnerable these services are.

DDoS attacks are not new and are just one type of cyber attack in a growing arsenal. We’ve compiled a list of some of the types of cyber attacks that are seeing incredible growth, and a description of how each works. You’ll likely be hearing these terms more as these attacks continue to grow in prevalence and scope.

Distributed Denial of Service Attack: Friday’s Internet outage was caused by a DDoS attack on Dyn, a company that monitors and routes Internet traffic. While Friday’s attack did require a fair amount of sophistication (USA Today has a great summary of the details we know to date), most DDoS attacks are easy and inexpensive for hackers to execute. A DDoS attack occurs when a website’s servers are flooded with illegitimate page requests, preventing legitimate requests from getting through. This can often cause the website to crash. Cyber criminals can execute DDoS attacks for as little as $150 a day by purchasing botnets on the online black market. Botnets are a network of computers and connected devices infected by malware and controlled without the owner’s knowledge. Botnets are used to send the page requests, resulting in the overburdened servers. A recent study by CDN services company Akamai found that there has been a 125 percent increase in DDoS attacks year-over-year and a 35 percent increase in their duration.

Zero Day Attacks: A Zero Day vulnerability refers to a hole in a businesses’ software that is unknown to the software provider. A Zero Day attack refers to an incident in which this hole is exploited by hackers before it is discovered and fixed. Because these vulnerabilities are unknown to the developer, cyber criminals can often exploit holes for months before anything is detected. According to Symantec, the number of Zero Day attacks also increased by 125 percent last year.

Domain Name System (DNS) Highjacking: The DNS is a naming system for any resource connected to the Internet that associates various information with domain names. For example, a DNS translates a user-friendly name, like, to its corresponding IP address. DNS hijacking, or DNS redirection, is the practice of intercepting and changing the information associated with a DNS record for malicious reasons. The result is a user ends up on a site that has malicious malware or code instead of the site intended.

These are just a few of the cyber attacks we’ll be reading more about in the coming years, especially as the skill set and resources needed to execute them continues to lessen. For businesses, it means strengthening security on their sites and focusing on security against web-based attacks. For consumers, it is about staying informed.

Were you affected by Friday’s DDoS attack? Share your experience with us on social media. Follow CSID on FacebookTwitter or LinkedIn.


Industry News Recap: National Cyber Security Awareness Month

By | October 7th, 2016|Online Safety|

CSIDNational Cyber Security Awareness Month (NCSAM) kicked off this month and as a result, more eyes than ever are on cybersecurity. This week, we’re spotlighting a few recent national stories we expect to be a key part of the conversation among those participating with us in the month-long celebration.

Cybersecurity and the 2016 Election
For the first time in history, cybersecurity has emerged as a major topic in the 2016 general election. In the first presidential debate, both candidates talked about cybersecurity, especially in regard to alleged recent state sponsored cyber attacks. Both candidates agreed that the US should have strong cybersecurity capabilities to combat such threats.

National cybersecurity will continue to be in the news as Election Day itself approaches. Politico recently reported that hackers have probed voter registration systems in more than 20 states. In the wake of this news, more and more voters are becoming concerned as they prepare to head to the polls. Fortunately, many states are now working diligently with the Department of Homeland Security to ensure that their voting systems are properly secured for Election Day.

IoT Breaches On The Rise
The Internet of Things (IoT) continues to grow steadily, and organizations of all kinds are learning to adapt to the new technology ecosystem. However, security flaws in the IoT remain as a concern that has not been adequately addressed. Powerful DDOS, or “distributed denial of service” attacks via IoT devices have made headlines in recent weeks. DDOS attacks are a tried and true type of threat, but what we’re beginning to see is cyber criminals using compromised IoT devices to augment the size of an attack.

As part of NCSAM, the Online Trust Alliance released a checklist of steps for ensuring the security of IoT devices. Just as for most online risk mitigation, consumers should regularly update privacy settings on home and wearable devices in order to remain secure. Additionally, users should create long and strong passwords for all of their devices, and update them regularly.

Security Skills Gap
As we discussed a few weeks ago, the shortage in trained cybersecurity professionals is a problem. New reports show that the problem is continuing to grow. More than 209,000 U.S.-based cybersecurity jobs remained unfilled, a figure that is up 74 percent since 2011. Overall, the state of the cybersecurity skills shortage continues to pose a threat to the industry.

In spite of these issues, 79% of current cybersecurity professionals say that they are happy in their career path. It’s a fulfilling career, especially for today’s tech savvy population. Additionally, more and more schools globally are establishing programs and scholarships that directly address the cybersecurity skills gap by sparking curiosity and inspiring younger generations to get involved in the field.

To stay up to date with all the industry news shaping up during NCSAM, be sure to follow us on FacebookTwitter and LinkedIn

How Companies Can Stay Secure When Introducing BYOD Policies

By | September 23rd, 2016|Business Security|

CSIDBring your own device (BYOD) policies continue to grow in popularity. Employees and employers alike are enjoying the flexibility of using their own devices for work, so much so that we’re starting to see the workplace itself evolve. While we’ve seen many benefits to these policies (productivity, cost savings), it’s important to note that creating a BYOD policy without security in mind may put company data at risk.

BYOD policies may mean an increased risk for employee error. For example, a recent survey found around 40 percent of respondents said they never change their passwords on devices except when prompted to do so. Forty percent also said they use the same passwords across multiple websites. Such poor employee password habits can leave the door wide open for criminals, as we demonstrated last year, when hackers were able to infiltrate our fictional small business, Jomoco, in less than an hour.

However, a thorough understanding of the strengths, preferences and limitations of the average employee can address these security gaps. Here are best practices and recommended tools to implement effective BYOD security measures for your company:

BYOD best practices:

  • Develop a BYOD policy in partnership with IT, risk management, and legal counsel. Keep an open line of communication with IT so they can quickly communicate new and emerging threats of which employees should be aware of.
  • Educate employees on BYOD security best practices regularly. It should never be assumed that your employees understand all the guidelines spelled out in your policy.
  • Require your employees to create long, strong and unique passwords, and encourage employees to take advantage of two-factor authentication wherever possible.
  • Require that employees password protect their mobile device if it hosts company information.
  • Require your employees to update their software on devices when prompted. These updates typically address security vulnerabilities.
  • Require that employees quickly report any lost or stolen devices. Swift response allows you to mitigate the risk of sensitive information falling into the wrong hands.

BYOD tools:

  • Use a secure alternative to open Wi-Fi networks. Provide employees with access to a VPN or hotspot.
  • Create and provide standard antivirus, anti-malware protection for all types of devices.
  • Consider enlisting the support of a proactive monitoring service for your company. By proactively monitoring for employee credentials on the dark web, businesses can determine when an employee’s personal information may have been compromised.

As a closing thought, always keep in mind that threats are constantly evolving, so a good BYOD policy is never complete. Just like any business process, BYOD polices should be reviewed and updated on a regular basis.

To stay up to date with all business security news, be sure to follow us on FacebookTwitter and LinkedIn.


Cybersecurity Tips for Working Remotely

By | September 16th, 2016|Business Security|

CSIDFor 3.7 million Americans, waking up and logging onto a computer from the comfort of their home marks the start to their workday. According to Global Workplace Analytics’ 2016 study, 50 percent of the US workforce is now permitted the luxury to partially telework during the workweek. This trend continues to edge toward the norm. In fact, the ability to work remotely, for the greater, non-self-employed population, has grown 103 percent since 2005.

While more opportunities to work remotely may reflect the emerging modern workplace, there are several factors employers and employees should weigh and discuss to ensure security is top of mind.

If your job allows employees to work remotely, consider the following:

Employees: Protect Your Home

  • Use strong, cryptic passwords on all of your work and personal accounts. Resist the urge to duplicate passwords.
  • Use two-factor authentication whenever offered for both work and personal accounts.
  • Personal and work devices should be equipped with the latest antivirus software, web filtering, firewalls, and encryption. Always make sure your devices and software have the most up-to-date versions to help safeguard information.
  • Work with your company’s IT department to set up a virtual private network, or VPN, to add another layer of security to your home’s internet.

Employees: Working Elsewhere

  • Employees should keep personal and work devices password protected in the event they are stolen or misplaced.
  • Avoid accessing sensitive company accounts on public Wi-Fi or unsecured networks. Public Wi-Fi can increase the risks of signal sniffing and compromise personal accounts, as well as professional networks. Many hackers set up accounts that mimic the names of frequented locations, hoping to steal from unknowing users. Consider using a VPN to access company data, or using your cell phone as a hotspot.
  • Be aware of your surroundings. Consider a screen protector and make sure sensitive calls are made in private.

Employers: Create a Cybersecurity Policy for All Employees
To help foster a conversation and environment committed to cybersecurity, organizations should create a cybersecurity policy and make staff training and security education a priority. In a recent episode of Firewall Chats, Michael Kaiser, executive director at the National Cyber Security Alliance, discussed creating a culture of cybersecurity at work.

“[Policies need] to be reinforced,” Kaiser said. “It can’t be a one and done kind of thing. It has to really be periodic. … Reminding people of the value of the information that an organization holds and the responsibility they have to protect it. When people give you their information, they expect you to protect it.”

To create a cybersecurity policy:

  • First, identify the security risks and threats that may affect your business
  • Develop clear policies and procedures for all employees, whether on-site or off-site
  • Train all employees on your new (or existing) cybersecurity policies
  • Create and maintain a process to help reward policy followers and address offenders
  • Define and address third party and vendor risks
  • Work closely with your IT department to detect and address unauthorized activity

Creating a culture of cybersecurity will help safeguard employees and company data, regardless of where they work. Employees, do you have the ability to work remotely? Are you aware of the security steps needed to help keep your company safe? Share your experiences on Facebook, Twitter and LinkedIn.


Load More Posts