Firm Partner Charles J. Messina, Esq. offered insight in a recent Commerce Magazine article "Best Practices for Protecting Electronic Business Data":
"From eBay to SONY, the number of U.S. data breaches continues to increase and have a crippling effect on businesses. Regardless of whether the type of data stored by your company is subject to state and federal regulatory requirements, your firm should be diligent in creating and adhering to best cybersecurity practices. The National Institute for Standards and Technology (NIST) released a cybersecurity framework in February 2014, setting forth a variety of best practices for managing cybersecurity risks. NIST recommends, among other things, implementing robust password and system log-in protocols, controlling access to systems, utilizing automatic updates to software on all electronic devices (hackers can easily find vulnerabilities in outdated software), and investing in backup systems. As a starting point, an outside consultant should be hired to assist with identifying sensitive IP, and to objectively test the fortitude of a company’s technological defenses. Even with state-of-the-art technology, many data breaches result from disgruntled employees and hackers exploiting human error, i.e., employees accidentally installing malware or clicking on a phishing link. These types of issues can be prevented by implementing, and constantly monitoring, cybersecurity policies for limiting the access of data, installation of new software, and downloading of files from external sources."
To read the full article, please click here.