Online Fraud is a Focus for Small Business Owners as October is National Cyber Security Awareness Month
Capital One Provides Tips to Help Small Businesses Safeguard Against Cyber Crime
MCLEAN, Va.--(BUSINESS WIRE)--Oct. 10, 2007--In BW5134 issued Oct. 10, 2007: First graph after bullet list, first sentence should read: Ron Teixeira (sted Ron Teixera).
The corrected release reads:
ONLINE FRAUD IS A FOCUS FOR SMALL BUSINESS OWNERS AS OCTOBER IS NATIONAL CYBER SECURITY AWARENESS MONTH
Capital One Provides Tips to Help Small Businesses Safeguard Against Cyber Crime
Capital One Financial Corporation (NYSE:COF) and the National Cyber Security Alliance (NCSA) today released a set of cyber security tips to help small business owners protect themselves against online intrusions. The tips are being released in conjunction with the start of National Cyber Security Awareness Month, which began on October 1.
As part of a fraud awareness campaign, Capital One Small Business and the NCSA are working together to help educate small business owners about the importance of online fraud prevention as well as providing best practices to help mitigate costly and potentially-dangerous cyber attacks.
"While all businesses are at risk for cyber security violations, the effects of online fraud can be even more devastating for small business owners," said Dave Wasik, senior vice president of Small Business at Capital One. "A single incident can be very costly to resolve. We hope that through education, we can create a culture of security, where both small business owners and their employees can help to prevent these crimes."
National Cyber Security Awareness Month is a campaign designed to increase public awareness of cyber security and cyber crime issues so that users can take precautions to avoid these threats on the Internet. In honor of the month, Capital One Small Business and the NCSA created several tips to educate small business owners about the risks associated with cyber crime. The tips, which can be used as a guideline for small business owners who want to protect their businesses from cyber fraud, include information on the following practices:
-- Conducting a risk assessment - In order to protect customer
information, small business owners need to conduct an initial
risk assessment of their online and operating systems.
-- Educating employees - It is essential that managers and
employees have a basic understanding of cyber security,
including company-specific procedures and overall best
practices.
-- Backing-up critical information - Make regular (weekly)
back-up copies of all important data and information.
-- Creating a contingency plan - Small business owners should
have a contingency plan in place in case the business suffers
a cyber security attack.
-- Signing a security agreement - Have all employees sign a
security agreement in order to demonstrate that they are
taking cyber security seriously and are active participants in
helping to maintain a secure online environment.
"With the development of online resources, businesses are increasingly moving their operations and finances online," explains Ron Teixeira, president of the NCSA. "Just as consumers are concerned about sensitive information being leaked over the Web, small businesses also need to be confident in the security of their online systems in order to protect themselves as well as their customers."
To reduce the incidents of fraud, it is essential that small business owners have a cyber security plan in place in addition to educating employees about the importance of following security plans. For other ways to reduce cyber fraud, please see the full list of tips from Capital One below.
The Capital One Small Business Resource Center web site (www.capitalone.com/smallbusiness) contains additional resources, information and tips for small business owners. Resources include free online business seminars, insights on creating a business plan and tips to help small business owners operate more effectively and efficiently.
Editor's Note: Comprehensive tip list located at bottom of press release.
About Capital One
Headquartered in McLean, Virginia, Capital One Financial Corporation (http://www.capitalone.com) is a financial holding company, with 725 locations in New York, New Jersey, Connecticut, Texas and Louisiana. Its principal subsidiaries, Capital One Bank, Capital One Auto Finance, Inc., and Capital One, N.A., offer a broad spectrum of financial products and services to consumers, small businesses and commercial clients. Capital One's subsidiaries collectively had $85.7 billion in deposits and $144.2 billion in managed loans outstanding as of June 30, 2007. Capital One, a Fortune 500 company, trades on the New York Stock Exchange under the symbol "COF" and is included in the S&P 100 index.
Capital One offers a range of products to meet small business needs, including small business credit cards, small business loans and lines of credit, and small business savings accounts. As the largest issuer of small business Visa credit cards, and the third largest lender of SBA loans, Capital One provides specialized support designed to make it easier for small business customers to manage their finances so that they can focus on what's important to them. Capital One small business products are available via direct mail, capitalone.com, phone (800.926.1000) and fax.
About the NCSA
A not-for-profit 501(c)(3) organization, the National Cyber Security Alliance (NCSA) is the go-to resource for cyber security awareness and education for home user, small business, and education audiences. A public-private partnership, NCSA sponsors include the Department of Homeland Security, Federal Trade Commission, and many private-sector corporations and organizations. NCSA provides tools and resources to empower home users, small businesses, and schools, colleges, and universities to stay safe online. For more information, and to see the top eight cyber security tips, visit www.staysafeonline.org.
Full List: Capital One Small Business and NCSA Tips for Cyber Security
1. Conduct a risk assessment
In order to protect customer information, small business owners need to conduct an initial risk assessment of their online and operating systems. This includes determining if any sensitive information (anything that is critical to your bottom line, e.g., customer database) is attached to the Internet.
There are several components of a comprehensive risk assessment. Most importantly, small business owners should install updated anti-virus programs, anti-spyware programs and firewall on all computers. Make sure to keep these programs, along with the operating system and software up-to-date with the most current patches. In addition, ensure that all employees use effective, complex passwords. Passwords should be changed every 60 to 70 days.
2. Educate employees
It is essential that managers and employees have a basic understanding of cyber security, including company-specific procedures and overall best practices. Small business owners need to integrate a cyber security rollout plan within the yearly business plan. This plan should also include steps for measuring success.
3. Back-Up critical information
Make regular (weekly) back-up copies of all important data and information. Creating back-ups on a regular basis ensures that critical data is not lost in the event of a cyber attack or natural disaster.
Store all back-up copies away from the office, such as on an external hard drive, and use encryption to protect any sensitive information about your company and customers from thieves and hackers. Encryption programs encode data, making it unreadable until the user enters a password or encryption key to unlock it.
4. Create a contingency plan
Small business owners should have a contingency plan in place in case the business suffers a cyber security attack. The contingency plan should include steps on how to continue business operations at an alternate location when necessary. This plan should be tested annually.
5. Sign a security agreement
Have all employees sign a security agreement in order to demonstrate that they are taking cyber security seriously and are active participants in helping to maintain a secure online environment. This agreement should also require employees to report any suspicious online activity or known Internet crime to the proper authorities.
If fraud or criminal intent is suspected, it should be reported to the local law enforcement agencies, the local Federal Bureau of Investigation, Secret Service, or State Attorney General's offices. Moreover, some states require business owners to notify their customers if hackers or thieves could have had access to customers' unencrypted personal information. One way to prevent Internet crime is by erasing all data on a hard drive before recycling or throwing away a computer.
CONTACT: Capital One Financial Corporation, McLean
Steve Schooff, 972-378-8105
stephen.schooff@capitalone.com
SOURCE: Capital One Financial Corporation