Link Security to Your Continuity Planning

/ Blog, Contingency, continuity / By

How do you plan for continuities and protect your security? The two are not mutually exclusive! Let’s take a look at strategies to help you plan for the what if’s and keep your information safe.

What is Continuity Planning?

At its simplest form, I define it this way: whether at home or at work, continuity planning is how your life or work can continue functioning in case of disruption or interruption. Many continuity planners suggest you’re ready for 30 days or so in case of natural disaster. The best continuity plans are “living documents” that adapt as you do and remain nimble to allow flexibility and changes.

Security

Let’s think and plan for security often. I received one of the “dreaded emails” last week – the medical system has been breached and they will let us know what information was exposed. A security breach is when the underlying security systems in an organization are bypassed, leading to unauthorized access to private information.

More than 10 million US citizens become victims of fraud every year, most of it related to stolen identity. Just as disturbing is the fact that health insurance-related ID theft accounts for over a quarter of all reported identity theft cases, according to medical ID theft statistics. Apparently, it is a “hot market” to sell medical records 🙁

In 2002 California became the first state to make residents aware of breaches. In 2018 Alabama and South Dakota to pass data breach notification legislation. All 50 states, the District of Columbia, Guam, Puerto Rico and the Virgin Islands have enacted legislation requiring private or governmental entities to notify individuals of security breaches of information involving personally identifiable information.

To learn more, check out this global information privacy community resource IAPP: https://iapp.org/resources/article/state-data-breach-notification-chart/

Time to Secure

To keep things going at home and work, check on the following:

  • Home office – this area is important for home and work information, policies and computer equipment. If you’re fortunate to have a separate dedicated space as a home office, turn off all equipment (“shut it down”) at the end of each day.
  • Modems and Routers – if this equipment is yours or property of the cable provider, change the network name from the “default name”. No need to broadcast the type of ISP (internet service provider) you use. And, if you are willing and able, you can change the factory set password to one you select (make sure it is long and strong!)
  • Update when patches come for your computer, tablet, smart devices of any type and your phone. Operating system updates are important.
  • New spoofing and phishing schemes are out – have you heard of “smishing”? It’s the text message version of email phishing. Be AWARE – the aggressiveness continues to increase and these schemes are clever. Avoid clicking on links – check for the https and double check what’s after the https. Does the name match (i.e. amazon, apple, etc)? The latest scams are listed by Consumer Fraud Protection are here: https://www.consumerfraudreporting.org/current_top_10_scam_list.php and here is a list from the FBI: https://www.fbi.gov/scams-and-safety/common-scams-and-crimes/spoofing-and-phishing
  • Passwords and MFA – the key to all your information is the access to it! Make sure your passwords are “long and strong” using a mix of characters, numbers and symbols. Multi-factor authorization (MFA) allows more than one way for your identity to be verified. It takes longer, yes. Is it worth it, yes.
  • Public WIFI may seem convenient, yet you are exposing anything on your phone or table to hackers if you do not secure your devices.
  • VPN and encryption – virtual private networks and scrambling of information in some industries is a must.
  • Back-up your data! Schedule it and do it! After losing information, you’ll thank yourself for setting up a schedule for this task (or better yet, run continuous back up 🙂 AND, if you have company equipment, set up a schedule with the IT department to make sure everything is backed up.
  • All businesses (and people) would be wise to host cybersecurity awareness teaching sessions to ensure everyone is up to date of the latest schemes and protection recommendations.
  • Paper – are you shredding? People are creative with our information. Any document containing personal identification information (date of birth, social security number, tax filing, medical id, et al) should be shredded before you toss it.
  • User access control – companies focus here and for us personally, we would be wise to include this into our thinking too …

Is it time to review your security protocol and continuity planning? Make time to ensure you’re ready and safe! Email me with questions/comments: Lynn@thelivingplanner.com. For additional information my work, check out my website: https://thelivingplanner.com

Stay well –Lynn

#CareForPeople #StepInStepUp #LifeHacks

Scroll to Top