Enterprise Threat Intelligence: Stopping Risk in its Tracks

By | December 19th, 2013|Uncategorized|

One of the most interesting security trends we’ve seen develop—and help develop—over the past year has been the practice of businesses monitoring employee and customer login credentials.

You’ve heard us talk about it quite a bit in 2013. For instance, our research earlier this year showed that 61 percent of consumers repeat passwords across multiple websites. Why is this significant? Say your customer or employee uses the same login information on your website as they do on another. If that other website is breached and user credentials are compromised, this opens up vulnerabilities on your website as well. Companies are starting to realize and act on this fact. A great example of this scenario was the Adobe breach, otherwise known as the “breach heard around the world.” After news of the Adobe breach was made public, many unrelated third party websites reached out to users that had emails compromised in the breach and encouraged them to update passwords.

To lessen these vulnerabilities, we launched a solution called Enterprise Threat Intelligence (ETI). ETI uses our CyberAgent technology to proactively watch for compromised data, including login credentials and IP addresses, among the depths of the Internet. ETI notifies you upon finding compromised employee and customer logins or compromised company devices. Then with this insight, your business can take action to mitigate the issue, like require that your compromised employees or customers reset their passwords immediately. This proactive approach helps stop the problem in its tracks, alleviating risk for further compromise.

We’re excited to release an animated video that walks you through this trend and our ETI solution. Take a look!

Do you reuse credentials across sites? Would you use ETI for your business? Let us know—join the conversation on Twitter and Facebook.

Saving Brands From Breach

By | May 22nd, 2012|Uncategorized|

When a company is breached, it suffers more than just data exposure and recovery expenses—the company brand can take a significant hit. Studies show that data breaches often have long-term effects on brand value. Organizations that have been breached have reported losing anywhere from $184 million to more than $300 million in brand value per breach. How can companies mitigate harm to their brand in the event of a breach?

One solution: appease your customers. A Ponemon Institute study found that nearly 20 percent of customers of breached companies immediately canceled their accounts, and an additional 40 percent considered termination. In these cases, customer service is key.

As this recent article in The Atlantic describes, it’s crucial for companies to have a strong breach response plan in place prior to a breach, and this plan should include customer service oriented elements such as: 

  • Communicate with customers. How will you notify your customers of the breach, and how will they be able to get in touch with you with questions and comments? When Stratfor suffered a breach this past winter, for instance, the company website was unavailable for a number of days. Stratfor directed all customer service questions to the company’s social media outlets in lieu of the website.
  • Offer support and protection. Help your customers secure any data that was exposed as a result of the breach and protect them from additional risk by offering identity protection services. This will demonstrate that your company is taking action to remedy the situation, and will help maintain customer trust in your brand.

For more about breach mitigation, check out this recap of our SXSW panel, “Data Breaches: Taking the Bull by the Horns.”

Global ID Protector Named 2012 National Technology Awards Finalist

By | May 9th, 2012|Uncategorized|

Terman Finalist logoThough Global ID Protector was only released this past August, it is already making a name for itself in the technology space. Global ID Protector is used by Fortune 500 international companies, has been deployed in more than 47 countries and has been translated into 15 languages. And in December, the Austin Business Journal awarded Global ID Protector the Gold Award – the top honor – in its annual Tech Innovation Awards program, recognizing the technology’s ability to positively impact the security industry.

Now, Global ID Protector has done it again. The TechAmerica Foundation has named CSID a finalist in the Cyber Security and Authentication category of the 2012 American Technology Awards (ATA’s) for the Global ID Protector product. We’re up against two other finalists in the category: RSA and KOBIL USA. See more about the awards and the complete list of finalists.

Jennifer Kerber, President of the TechAmerica Foundation, said in the company’s press release: “The caliber of this year’s nominees was incredible. Our judges had their work cut out for them in coming up with these outstanding finalists, who represent the best of technology in their categories. What a great indicator of how the tech sector is growing and innovating.”

They’ll be announcing the winners for each category early next week. Fingers crossed for CSID!

Top 7 Tips to Prevent Identity Theft (Part I)

By | May 28th, 2011|Uncategorized|

By John Sileo, [cc id=’csid’] consumer security expert

Step one of my 7 Steps to Secure Profitable Business Data is to “Start with the humans.” It is crucial to the success of your business’ security efforts that you give your employees the tools to protect themselves personally from identity theft. This develops a privacy language and framework that can be easily adapted to business security.

Pass on the following tips to your employees—seven easy measures to help prevent personal identity theft:

1. Monitor Your Accounts Online

One of the quickest ways to detect identity theft is to monitor your credit card, bank and brokerage accounts online. By doing so, you speed up the detection time and shut down fraud before it becomes a major problem. You can do this either by logging on to the website for the financial provider in question (e.g., your bank), or by setting up automatic account alerts that warn you by email or text message anytime a transaction occurs on your account.

For example, if you have credit card account alerts set up to notify you by email, and you receive an alert that $1 has been spent at a gas station when you haven’t been to a gas station that day, you know that your card has been compromised. Thus, you can shut it down immediately before you become liable for the fraud. Alerts are a painless, immediate way to keep tabs on your financial health.

2. Use Surveillance to Monitor Your Identity

Only about 25% of identity theft can be caught by monitoring credit reports, but there are more sophisticated identity theft monitoring and protection services in the marketplace. I have used [cc id=’csid’] for the past five years because of the quality and volume of monitoring they provide, the convenience of their service and the safety of their data centers.

The product automatically monitors all of the potential sources of identity theft so I don’t have to do it myself. I receive a monthly email letting me know if there are any areas that I should be concerned about. That way, I only have to think about it when necessary. Again, convenience is crucial—If we make it easy to be safe, we will be safe!

You should expect to spend approximately $150 per year for a good service. Keep in mind this is likely less than you spend to insure your car and home, which are worth far less than your identity.

3. Opt Out of Financial Junk Mail

There are complete industries built around collecting, massaging and selling your identity data and habits. Companies buy bits of your privacy so that they can knowledgeably market products to you that you are likely to purchase.

“Pre-Approved” credit card offers, for example, are major sources of identity theft. They give thieves an easy way to set up credit card accounts in your name without your consent. The thieves then spend money on the card, leaving you with the mess purchases that you didn’t make.

The solution is to “opt out” of receiving financial junk mail such as pre-approved credit, home loan and insurance offers. Notify organizations that collect your personal information to stop sharing it with other organizations. This minimizes the amount of your personal information bought and sold on the data market.

To easily opt out of pre-approved credit offers with the three main credit reporting bureaus, call 1-888-567-8688 or visit www.OptOutPreScreen.com.

Have your employees begin to conquer these initial tasks—completing the tasks will help your them understand identity security and be ready to take on the remaining four tips, coming soon.

[cm id=’john-sileo-bio’]

Load More Posts