One Hard Lesson From the Breach of Breaches
Spoiler alert: we’re talking about Equifax.
It seems like once a week there’s a new hacking making headlines. The one at the top of our list lately that we’re reading obsessively about—Equifax. In the wake of the Equifax breach, businesses, lawmakers, and individuals (including all of us over here) are putting the protection of our personal information at the top of our lists.
When companies like Target and Chipotle make the news for stolen data, we change our passwords, and maybe start shopping somewhere else for steak burritos and underwear.
When a company like Equifax has a breach though, we really start paying attention. Aren’t the credit agencies supposed to be the most secure of all? After all, we trust them with such a mind-boggling amount of personally identifiable information (PII) and they just potentially left 143 million people standing out in the middle of a snowstorm without a shirt. If you’re one of these consumers, this could destroy many areas of your life. And not just in a week from now, it could haunt you 10 years down the road.
It’s not about the volume of data.
If you’re thinking, “What’s the worst that can happen?” The Equifax breach is a big deal because of the sensitivity and combination of data-full names, birthdates, addresses, Social Security numbers, driver’s license numbers, credit card numbers, and other personal information—more than enough to swipe your identity.
Here’s why you need to give a damn if your data gets into the wrong hands:
- Identity thieves can impersonate you and open bank accounts, credit cards, lines of credit, and even a new driver’s license in your name
- With a driver’s license, they can give you the unwanted gift of speeding tickets
- Say goodbye to your tax refund—thieves can steal this too
- What Social Security check? They can also take this, keeping you from getting essential prescription drugs.
- If a thief steals your identity, it can take months or years for you to clean up the mess
The Equifax breach is being called one of the worst breaches ever. The hackers found a weak spot in the website software, and this breach is going to cost a lot of money—between the affected individuals, investors, and the business itself from class action lawsuits, and remediation. It could cost Equifax in the hundreds of millions. According to this 2017 study, the average total cost of a data breach is $7.35 million in the US. If you look at the per individual basis, the average is around $225 per person in lost revenue, services like complimentary credit monitoring, and lawsuits. Ouch.
While we’re over here freezing our credit with all three agencies and locking down our personal information, there’s one thing you need to start thinking about as an IT administrator when it comes to data breaches if you’re not already.
It has nothing to do with hardware, software, firewalls, forensics, or online security.
It has to do with your people.
People are your first and last line of defense in protecting your company’s systems and information. These are the users of your organization’s equipment, the folks who have access to your company and stored data, and the same people who could leave your company information at risk.
If you don’t want this to happen to your organization, you need to add a layer of military-grade protection between employee and computer.
This is why we made GateKeeper. When you add security between users and your systems (and not in the form of passwords), here’s what happens, or rather, doesn’t:
- No private info can be sniffed since credentials are never transmitted over the air
- When you have multiple sensors to figure out the location of the GateKeeper Key relative to the computer, there’s no need for constant password changes
- A Wireless key, kept with the user becomes the authenticator, meaning less chance for a physical breach
- Authentication based on a user’s proximity to your company’s—When the GateKeeper Key is in range, the GateKeeper software authenticates a user and logs them on
- When the Key moves out of range, the GateKeeper software automatically locks the computer
When the thought of becoming the next Equifax keeps you awake at 3:15 am, taking a step to minimize your company’s risk is kind of a no-brainer.
Let’s chat about your organization’s security needs. Get in touch.