30 essential steps to take right now to prevent online crime

Communication World, March, 1999 by Daniel Janal

Internet invasions and computer-related crimes are grabbing front-page headlines. Fraud, security violations and thefts of intellectual property are costing businesses and consumers more than U.S. $250 million a year, according to the U.S. Federal Trade Commission. Threats to companies' reputations are an emerging problem fueled by disgruntled customers and blackmailers on the Internet. Even company employees could threaten an organization's well-being. And personal lives are being wrecked by seam artists, identity thieves and online stalkers.

Businesses and individuals are wondering if the web is a safe place to conduct business, buy products or even surf without having their privacy invaded, according to a survey in Business Week (March 10, 1998).

In my new book, called "Risky Business," I interviewed more than 30 experts on computer security, human resource policy, the law and public relations crisis communication, and image management to show business managers and Internet surfers what the problems are and - more important - how to solve them.

Here are 30 practical ways to protect yourself and your organization from online attacks.

If you act on just one tip, you'll cut your chances for losses tremendously. If you follow all 30 steps, you'll be well on your way to building an iron fortress to protect yourself and your business.

1. Change your password. This is the number one way crooks get access to your information. You should change it regularly, but most people don't. Let's make April 1 the date when everyone remembers to select a new password. Don't be a fool, get a new password!

2. Update your virus protection software program. By now, nearly everyone has a virus protection software program on his or her computer. Unfortunately, new viruses pop up faster than weeds during rainy season. The Internet could unleash new, wild viruses into your system when you visit an infected web site. You can download an updated version of these programs. And usually, it is free. Check out your publisher's web site.

3. Review your web site for potentially damaging personal information. Does your web site tell stalkers where you live, where your kids go to school, or information only your priest should know? If you're one of those people who expose your innermost feelings on the web, this could be a mistake. It can come back to haunt you if potential employers, child molesters or con artists want to find out about your life.

4. Hire a hacker. That's right. Hire a computer expert to find the flaws in your organization's computer system. The expert won't damage the system or steal files. His or her job is to show you what's not working so you can fix it.

5. If you sell products on the Internet, fight fraud by requiring customers to tell you where they live. Credit card companies call this "address verification," and it can cut your fraud rate down to next-to-nothing.

6. Check your business site for copyright violations. Do you have pictures of movie stars? Reprints of articles from magazines? Sound clips from your favorite album? You could be liable for a ton of money. Take those offending pieces off your web site now.

7. Create an Internet Access Policy for your employees. If you don't have a policy, you could be liable for their criminal actions on the Internet. If they post libelous information in an e-mail, that could be used as evidence in court. Most people don't realize this, and it could cost them big time!

8. Tell your employees not to post company information on newsgroups. You wouldn't believe how much information is leaked by companies on newsgroups. Employees ask questions or answer questions and unknowingly give out hints about your company's new products and marketing strategies.

9. Check out your online image. Are people spreading inaccurate information about your company via the Internet? This has happened to Tommy Hilfiger, Snapple, Neiman - Marcus and many other companies. Use search engines to check everything that's being said about your company - and notify people when they publish misstatements.

10. Beware of offers that sound too good to be true. You won't believe how many shills are on the Internet. They try to get you to buy stocks that are supposed to go up in value, or buy products at prices that are just too unbelievably low. Don't be fooled.

11. Install a site blocker program that prevents employees from wasting time at recreational web sites. Millions of hours are wasted by employees who surf the web on company time to look at sites devoted to stocks, sports, games and pornography. Several programs block these sites from prying eyes.

12. Install a spam filter to weed out unsolicited ads sent by e-mail. Everyone hates spam, but no one ever does anything about it. You can use your browser's filter commands to send spam directly to the trash bin. You'll save lots of time by not reading this garbage. And you'll save yourself from being conned by scammers who use spam.

13. Update your browser. Early versions of the major browsers from Netscape and Microsoft have serious bugs that allow criminals to read the information on your hard disk. You can download the latest versions of these programs for free.