From Breach Coaches to VPNs: How Small Businesses Can Protect Their Data

by Jessica Montevago
From Breach Coaches to VPNs: How Small Businesses Can Protect Their Data

Your data is your most valuable asset—and your biggest vulnerability. To stay on top of protecting their own data and that of their clients, some travel agencies, both big and small, have turned to “breach coaches” and other experts for help.

“Everyone thinks hackers have a laser-beam focus on larger businesses, but a high percentage we see involves small and medium-sized businesses, because they are very easy to break into,” said Alan Brill, senior managing director at Kroll Inc. of New York City, is a global provider of risk solutions. “It’s not a matter of if, but a matter of how and when.”

Indeed, Mom-and-Pop businesses, like many travel agencies, are especially vulnerable to data breaches. A 2013 National Small Business Association study found that nearly half of small businesses have been victims of a cyber-attack, and that it cost them an average of $9,000.

TMR asked one breach coach, John Mullen, head of the data-privacy practice at Los Angeles-based Lewis Brisbois Bisgaard & Smith LLP for some suggestions for small and medium-sized travel agencies.

His first piece of advice is to get insurance. “A breach is very stressful for a company that is insured—but if you’re not, it can be borderline catastrophic,” Mullen said.

It’s also smart to hire an outside assessor to review your policies and procedures and give you advice on overall data management.

When the worst happens
How a company responds in the aftermath of a data breach also is crucial, yet according to the National Cyber Security Alliance, 59% of small and medium-sized businesses do not have a contingency plan that outlines procedures for responding to and reporting losses. So that’s a good place to start.

In case of an incident, a breach coach will get on the phone to assess the severity of the breach. Mullen, who said his firm deals with a new case every business day, asks such questions as what kind of data is in play and how much data you have.

A data breach coach also will make suggestions to mitigate the damage, such as setting up a call center that clients can contact with questions, or hiring a forensic company to investigate.

They are especially helpful when it comes to informing your customers that their personal data has been compromised. The amount of time you have to notify customers varies from state to state, but is generally 30 to 60 days from the time the company initially realizes there’s a problem.

Prevention is key
At Kroll, meanwhile, Brill emphasized that the best way to deal with incidents is to prevent them in the first place. The number-one weak point he sees is outdated operating systems, because these often have security holes that leave the travel agency or business vulnerable.

“Essentially you’re giving hackers an open-door invitation,” he said, so upgrade your Word and Excel to new versions.

Another invitation to trouble comes from “phishing” emails, where hackers mimic a legitimate message in your inbox. Never respond to an email that prompts you to send back sensitive or private data.

One good tool to keep your data safe is a VPN, or virtual private network, which will encrypt your data—especially when you are traveling. “That’s important for both the travel-agent community and important to remind your client,” he noted.

“If you can do any of these, it will lower your risk,” said Brill, whose firm has worked with clients in nearly every aspect of travel. 

The Department of Homeland Security also offers some tips to keep your data protected. It suggests making sure all computers are equipped with antivirus and antispyware software—and updating it regularly. Hold your employees accountable as well; make sure they understand your company’s policies, and require them to change passwords often. Then safeguard your internet connection with a firewall and encrypted information.

The Small Business Administration suggests making sure to backup critical data regularly—including word-processing documents, electronic spreadsheets, databases, financial files, human-resources files, and accounts receivable/payable files.

In the end, though, “there’s no such thing as 100% cyber security,” Brill said. “So have a plan for when things go wrong.”

Photo: News Limited 

  0
  0
Tip of the Day
Daily Top List

Best New York Pizzerias According to Reviews

1. SottoCasa Pizzeria

2. Song’ e Napule Pizzeria

3. Juliana’s Pizza

4. Numero 28 Pizzeria

5. San Matteo Pizza Espresso Bar

Source: TripAdvisor

TMR THIS WEEK
http://services.travelsavers.com/AMGService.svc/REST/GetImage?ImageID=dab35eef-ff9e-e811-853f-782bcb667b27

FOMO Strikes Again! Yep, They Booked It Without You

Should you resist the temptation to unfriend or confront them? Hear the advice of agents who have been there and know how best to handle these unfortunate, but all-too-common scenarios.

TMR Recommendations
Top Stories
Theft of Alaska Airplane by Employee Exposes Gaps in Airport Security
Theft of Alaska Airplane by Employee Exposes Gaps in Airport Security

Tragic event leads to serious concerns about a loophole in the post-9/11 airport security system, questioning how someone could simply hop into a plane and take off unnoticed at one of the busiest airports in the country.

Millennials Seek Safety and Convenience for Family Vacations
Millennials Seek Safety and Convenience for Family Vacations

The search for simplification leads one out of three Millennials with children to work with a travel agent to plan their vacation.

How to Become a Travel Agent: A Guide for the Perplexed
How to Become a Travel Agent: A Guide for the Perplexed

Selling travel is not all about free trips — but the hard work can pay off in a career that is rich in adventure and personal relationships, if you start off right.

ASTA Rebrands and Reorganizes, Drawing NACTA and Smaller Members in Closer
ASTA Rebrands and Reorganizes, Drawing NACTA and Smaller Members in Closer

The NACTA name will go away as members are folded more into the mainstream of its parent organization, and ASTA rebrands from “Agents” to “Advisors.”

For Special Needs Travelers, Travel Agents Can Make All the Difference
For Special Needs Travelers, Travel Agents Can Make All the Difference

Accessible travel is on track to soon account for 25 percent of the overall travel market, as aging Baby Boomers with disabilities retire — and they have the desire and the money to travel.

From Retainers to Hourly Billing, Two Travel Agents Outline Fee Models
From Retainers to Hourly Billing, Two Travel Agents Outline Fee Models

Some are just beginning to charge fees, while young professionals like Kathleen Sullivan say an annual retainer, covering all of a client’s trips for 12 months, are the key to the future for travel agents.

News Briefs
TMR Report Cards
Advertiser's Voice
Advertiser's Voice: Norwegian Cruise Line