Cybercrime is on the increase, as is the use of ransomware to hold deny companies access to their own information — until they fork over a ransom payment. Surprisingly enough, however, experts have identified human resources personnel as a potential source of defensive tactics to keep company data from being held hostage.
According to the Society for Human Research Management (SHRM), HR professionals can not only be vulnerable to security breaches, but they can form a line of defense to keep sensitive information out of the hands of cybercriminals. That’s increasingly important, since the number of attacks, including ransomware fraud, is on the rise and likely to continue.
SHRM cited the Verizon 2016 Data Breach Investigations Report’s tracking of ransomware fraud on companies: 144 cases in 2015, up from 133 in 2014, and just 22 in 2013. In addition, cyberattackers are using a range of other techniques, such as phishing e-mails or texts that trick employees into clicking on links that lead to websites infected with malicious software. The crooks then convert any information they steal into cash or other commodities.
Considering that HR professionals handle everything from Social Security numbers to bank routing numbers, addresses and insurance information, they need to be especially on the alert for tactics that could otherwise gain the crooks valuable troves of salable data. Fortunately, experts were able to suggest a number of strategies.
Talking to employees to educate them about cybercrime is one way to cut its likelihood. In addition, the use of a good anti-phishing testing service can come at a low cost relative to the expense of ransomware or other cyber breaches.
Tossing manual services that allow unrestricted access can also cut the odds of a company being extorted over its data, as can limiting data access. Only the few people with a need to use sensitive data should be able to access it, and they should be prepped thoroughly on ransomware and phishing lest they fall prey to such strategies.
Secure e-mails cut the odds that cybercriminals can access data, and storing HR data on multiple servers protected by firewalls, rather than in a single motherlode, can also be extremely useful. And last but far from least, ensuring that data are always backed up and stored in such a way that it can be accessed even in case of a ransomware attack can not only prevent downtime but avoid the cost of having to pay a ransom just to regain access to the company’s information.
Complete your profile to continue reading and get FREE access to BenefitsPRO, part of your ALM digital membership.
Your access to unlimited BenefitsPRO content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking benefits news and analysis, on-site and via our newsletters and custom alerts
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical converage of the property casualty insurance and financial advisory markets on our other ALM sites, PropertyCasualty360 and ThinkAdvisor
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
