The start of the new year is a good opportunity to review your cyber security protocols and dispel some of the common myths that still exist around cyber security. Buying into these myths only makes it easier for scammers to gain access to your customers’ personal and financial information. Knowing that these are not true is the first step to us all being safer online.
1. Security software slows down or interrupts workflow
This one simply isn’t true, and we believe the myth has originated from poor implementation of security tools, rather than the limitations of the tools themselves. If security tools have been implemented properly then you should be provided with security without affecting your users’ productivity.
2. I have a strong password, I am safe
Whilst having a strong password is a necessity, unfortunately it isn’t enough on its own. A good way to add another level of security is to use multi-factor authentication (MFA), requiring users to authenticate themselves via a second method such as their phone or an app like Google Authenticator. With MFA in place, even if criminals do manage to get hold of usernames and passwords, they still won’t be able log in without the ‘second factor’.
3. Security costs too much
Companies who think like this are often not considering the downside costs. Data breaches will end up being much costlier to your business than making sure you have dedicated security solutions in place before they can happen. Capita estimates the average cost of a data breach to be $3.86 million, considering the cost of detecting and escalating a breach, notifying those affected and the regulatory authorities, lost business and reputational damage, and paying fines, legal fees and other costs associated with making things right.
4. I will know straight away if my business is attacked
This rarely the case these days. There used to be some easy signs (pop up ads or slow loading browsers) but scammers have become stealthier. Hacking is a silent crime and it is in criminals’ best interest to remain unnoticed for as long as possible. The longer they have access to your systems, the more data they can steal.
5. Cybersecurity is solely the IT department’s responsibility
Unfortunately, neglectful employees are the number one cause of cybersecurity breaches, so you can’t rely solely on the IT department to keep your organization secure online – everyone has a role to play. All your staff should be using corporate laptops/tablets/phones with at least 2 factor authentication, as well as ensuring that their installed security software is up to date.
6. Cybersecurity threats only come from outside sources
Following on from our last point, research suggests that up to 75% of data breaches come from the inside. Occasionally this will be a disgruntled employee looking for revenge, but more often than not it is employees who have not been given proper security training or are not following your security protocols.
7. My data isn’t important, it’s not a big deal if I am hacked
This is an illusion. Even if hackers gain only usernames and passwords, this can still result in very bad outcomes for anyone who’s data was compromised, as many people use the same credentials for most of their services, including for their online banking.
8. We use Apple devices because they can’t be hacked
There is a belief that Apple products are immune to cyber threats – this isn’t the case. Apple products can and do get hacked and users who think their devices are invulnerable are more susceptible to data loss.
9. It is easy to spot phishing
Phishing is one of the most common ways of stealing people’s personal data or gaining access to a system and usually involves a replica of a known service. It can be so well hidden in an email that anyone could fall prey to it. Always be wary of the links you open, and never think that you couldn’t be caught out. Make sure that your staff are aware of the risk of phishing. Training can help them to understand how sophisticated such scams can be and how easy it is to get caught out.
10. I don’t have a computer, I can’t be hacked
In this day and age, computers are not the only targets for hackers and scammers as so many of our devices connect to the internet. Scammers go after phones, routers and even smart TVs. We must make sure we are protecting all end points.
So, now that we have dispelled a few myths, how can we help you become more secure?
At CardEasy we have been helping contact centers in taking secure payments for over a decade. CardEasy supports the increasing array of multi-channel communications that are required by contact centers involving payments by phone, email, live, SMS and social media platforms. Get in touch today to find out how our award-winning solution can reduce risk, compliance burden and cost related to taking your customers’ card payments.
(UK) +44 (0)20 7741 2000
(US) +1 303 500 0492