Recommend Print

Legal matters

Dell Security Breach: AVG Security Tips For Small Business

Dell data breach prompts cyber crime warning

By Michelle Hammond
Friday, 08 April 2011

An IT security expert says that small businesses need to be aware of five key areas to protect their data, following the revelation that hackers stole the personal information of thousands of Dell customers.


The Australian division of the US-based tech company has warned that local consumer and small business customers have had personal details exposed in what is being described as the biggest data theft in US history.


In an email to affected customers, the company’s consumer and small business executive director for Australia, Deborah Harrigan, wrote: “Dell’s global email service provider, Epsilon, recently informed us that their email system was exposed to unauthorised entry.”


“As a result, your email address, and your first name and last name may have been accessed by an unauthorised party.”


Australian Privacy Commissioner Timothy Pilgrim, who has launched an investigation into the incident, says Dell Australia has set up an advice service for affected customers to obtain further information.


“I have also been advised that Epsilon has commenced an investigation into this matter and is keeping Dell Australia informed,” Pilgrim said in a statement.


Meanwhile, Dell is warning affected customers to be aware of unusual or suspicious emails requesting personal information.


It’s believed the hackers may be planning to sell the information to cyber criminals for targeted scams.


AVG security evangelist Lloyd Borrett says he is seeing an increasing number of hacks of this nature “where the bad guys are going after central repositories in cloud service providers”.


Borrett says people often the use the same password for multiple accounts, which means once hackers know a password, they have access to a whole myriad of things.


“We’ve highlighted five doorways through which cyber criminals can access company data. These five doors need to be slammed shut,” he says. They are:


Social networks and community bad spirits


Danger: Most social networking activity revolves around community spirit and sharing a wide range of data. Users are more likely to click on an infected link if it comes from a colleague or friend.


Solution: Offer staff some guidelines to keep them and your business network safe.


Instant messaging and spam chat


Danger: Viruses and other malware can be hidden in files sent via instant messaging. Some IM services link your screen name to your email address when you register. Having your email address so readily available can result in an increased number of spam and phishing attacks.


Solution: Don’t use an email address that can be easily identified by your IM username.


Insider threats are right in front of you


Danger: Employees are responsible for introducing the majority of malware onto company networks.


Solution: Background checks on potential employees are essential, and high-risk businesses should consider using advanced tools to conduct criminal history and social security searches to ensure their employees are totally trustworthy.


Educate staff on keeping their data and network safe and enforce a robust internal security policy combined with a security audit.


Don’t lose remote control


Danger: While preventing staff from leaking malware into a business has its challenges, staff who are allowed to access the company network remotely are even harder to control.


Allowing staff to use their own smartphones, tablets and PCs for work increases the risk that malware may get inside the company network.


Solution: Prevent staff from using their own devices. Businesses could use virtualisation technology to create a virtual safe-zone within your hardware.


USB sticks and smart phones

Danger: Plug-in memory USB sticks and portable drives are particularly good at spreading malware. They appear innocuous compared to a laptop or smart phone but can hold several gigabytes of code, some of which may be malicious.


Email-equipped smartphones pose similar risks to company networks as desktop computers. Smartphones can help spread malware onto other susceptible devices on the network and hackers have been known to use text messages to guide unsuspecting users onto websites containing infected code.


Solution: Users can run a manual scan before accessing any of the files on the stick. Business owners should also create policies to keep personal and business drives separate on any machine.

Comments (0)

Subscribe to this comment's feed

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.


FREE DOWNLOAD - 101 tips for start-up entrepreneurs

Covering everything from starting up to sales to social media strategies, this advice forms a fantastic guide that will be of use to anyone starting up in business.

Register for the StartupSmart Newsletter and immediately receive '101 tips for start-up entrepreneurs'.

Your email please (*)

Invalid Input
101 tips for start-up entrepreneurs

Free Newsletter

Invalid Input
Join the StartupSmart community

Follow us

StartupSmart on Twitter StartupSmart on Facebook StartupSmart on LinkedIn

Subscribe to StartupSmart RSS feeds


Sponsored Links

Our Partners