Is Your Collection Agency Business Secure From A Cyber Attack ?

Is Your Collection Agency Business Secure From a Cyberattack?

Cyberattacks and data breaches are on the rise, costing global businesses $450 billion in 2016. Companies of any size have the potential to fall into a hacker's crosshairs. It's no secret that credit collection agencies have a veritable treasure trove of valuable data. Credit card information, Social Security numbers, personally identifiable information and other details make an attractive target.

The Current State of Cybercrime

Data breach statistics paint a concerning picture. The typical cost per compromised record is $221, although this is higher for financial industry companies, such as debt collection agencies, with many organizations facing a total of up to $12 million for breaches.

Ransomware, spear phishing, internal attacks and social engineering give cybercriminals many vectors to mount an attack. With the emergence of Internet of Things market and advances in adoption of cloud based technologies, more vulnerability points will become commonplace.

How to Protect Your Debt Collection Agency

As a CEO or person responsible for the protection of sensitive information, it's something you worry about all the time. Here are a few ways to protect your debt collection agency and the valuable data you have. Identify the nature of your data and the risk associated with it. A Social Security number is going to be more at risk than an email marketing list, and your security practices should reflect this reality.

Put prevention mechanisms that prevent a data breach on your endpoint devices, such as desktops and servers. Carefully consider whether you want to allow employees to work with their own devices, as this introduces another element of risk into your business network.

 Have security breach detection mechanisms in place that trigger when your protected data gets stolen. You might not be able to stop them from getting the initial records, but you can prevent a situation where they have full access to your database for hours, days or even weeks.

Security Regulations

There are a few security regulations that you need to be mindful about. GLBA Safeguards and PCI DSS cover consumer information and payment security respectively. To maintain compliance, you need to account for the personally identifiable information that you work with when you conduct your risk assessments. The recommendations for achieving this goal include training application developers in how to properly handle personally identifiable information, document the policies and processes that impact risk to this data, and have controls in place to reduce the potential risk. 

 If you don't have the in-house resources to give your debt collection agency the protection it needs, you should engage with a managed security service provider like NetWorks Group to take care of your needs. They can help you implement best practices in cybersecurity and offer solutions to prevent and respond to a cybersecurity breach.

Sources:

http://www.microbilt.com/news/article/debt-collectors-become-data-security-experts

http://www.fico.com/en/fraud-security/cyber-security#overview

http://www.acainternational.org/news/how-small-businesses-can-create-a-culture-of-cyber-security

https://www.coalfire.com/The-Coalfire-Blog/May-2013/Compliance-Talk-Debt-Collectors-and-PCI

https://www-01.ibm.com/common/ssi/cgi-bin/ssialias?htmlfid=SEL03094WWEN

http://www.cnbc.com/2017/02/07/cybercrime-costs-the-global-economy-450-billion-ceo.html

Subscribe to get new content! Never miss a security update from the team.

Security news, tips, webinars, and more straight to your inbox.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.