Your browser version is outdated. We recommend that you update your browser to the latest version.

Let us help you get back to the business of being in business™

Data Breaches, Oregon and Your Business

Posted 9/24/2017

Modern businesses benefit greatly from digital tools from databases and email to mobile apps and productivity software. While these services can greatly streamline your business, all to often they can be used as an opportunity for someone to exploit you and your clients' confidential information. Is your business prepared to mitigate the real risk of a data breach? Do you know what to do once you have detected a breach of your client's personal details?

Data breaches occur when thieves and/or vandals bypass they security of your computers, phones or other devices to steal personally identifiable information. The data they gather can then be used to steal the identity of the victim or sold in a black market on the 'dark web'. Sadly, the manner of these theft are becoming harder to detect and more sophisticated in execution, with business and individuals alike falling into these well engineered traps. Recovering from such a theft can take a years and carry a hefty price tag.

Prevention and mitigation once a breach has been detected are the two most important points to focus on. In the buffet of preventative measures, making sure that your computers are up to date, with active subscriptions to antivirus and malware utilities are proactive and to often overlooked practices. Security apps like these are absolutely obligatory not only in modern personal computing but even more so in any business scenario . Scammer know how to pick out user habits that can be exploited to allow themselves in to your network or trick you into giving them information that makes their job easier. Having software tools that help take the guessing out of what email attachment is safe or what programs might damage your data has a large footprint on the problem; in many cases it may stop a breach before it starts!

Use complex passwords with case changes, symbols & numbers is a solid and responsible strategy. If these are difficult to remember, use a phrase of at least six words. Many IT policies and digital services require these kinds of passwords already. They're worth the difficulty when weighed against the cost of identity theft. Would you consider using a two digit PIN for your banking? Then why would anyone consider resting their entire financial well being on only four or six digits? If a service you subscribe to for sensitive transactions offers enhanced security such as two-factor authentication or bio-metrics, you aren't going to risk anything by checking to see what these products offer or how they can add an extra layer of security.

If you have been breached or suspect the integrity of your systems has been compromised, contact an IT professional as well as your attorney as soon as possible and follow their advice. You may want to contact your financial institutions and credit agencies and alert them to your situation.

Oregon has adopted rules that businesses must follow after detecting a breach, including disclosure to authorities, offering credit monitoring to your clients that may be affected and penalties for business that are not in compliance. To see how these rules apply to your business, check out Oregon's DoJ website using the link below:

https://justice.oregon.gov/consumer/databreach/