1-866-245-5224 info@globallearningsystems.com
Wed, August 23, 2017 Twitter LinkedIn

Compliance Training Blog

Security is everyone's responsibility

Staying Safe During Cyber Monday Shopping Sprees

The holiday season is upon us and you're definitely excited about buying your family and friends all those cool gifts they wanted (and throwing in a few splurges for yourself while you're at it.) If those monstrous crowds during Black Friday just aren't for you, chances are you'd rather shop from your desk or phone on Cyber Monday. Because we're all busy and just want to get the shopping done, especially if there are deals too good to be missed, it's unfortunately easy to have your safety compromised when shopping online when hackers make fake websites that look very similar to small and large retailers' sites alike. Here are some things you can do to stay safe on Cyber Monday.

Make Sure the Site is Legit

Check out the website's data. Check the IP address if something looks off. Does the domain not match up with where the business is supposed to be based?

Look for obvious grammar mistakes. Did the promotional email you receive or the site copy contain some glaring spelling errors you wouldn't expect to see on the website? This is definitely a sign that site is fake.

Verify the company's online presence. Most large and small businesses have some kind of social media presence. Verify that the company website is linked to their social media pages and that they are definitely the same company and not a ploy to get credit card numbers.

Be Aware Where and How You Pay

  • Don't use public wifi when shopping with your phone or tablet. Mobile devices may be convenient, but they present an enormous security threat. When you leave the comfort of your own home and trusted internet connection, you might forget to be aware that public wifi makes secure information like your credit card number vulnerable to hackers. Use your data plan or wait until you get home where you have a safe connection. Even when you are at home, there are some extra steps you can take to be safe with your personal or business wifi connection.
  • Never pay through wire transfers or other unsecured methods. Any legitimate online retailer is going to have some kind of e-commerce solution set up to take payments online. Never make payments through wire transfer, money order, or any other unsecured method. If you're using an online shopping cart, make sure that you have a secure connection. Your browser should indicate whether there is a valid security certificate present, usually denoted by a lock.
  • Avoid using debit cards, even with a trusted retailer. Even if you are using a legitimate website, large scale information swipes are unfortunately common today like what happened with Target. Debit cards are far more vulnerable than credit cards even if your bank offers protection against unauthorized transactions. Because you are authorizing the initial transaction, if your debit card gets hacked then you can wind up waiting several months to get your money back-- if you ever do.

Keeping yourself, your employees, and your family safe from hackers should always be a high priority year-round but especially on Cyber Monday when hackers are the most active. They know people will be busy, trying to get popular gifts fast, and not that cognizant of what they clicked and if the trusted retailer they always shop at is actually the real thing. Global Learning Systems can help familiarize you with the latest internet security developments so that you'll always be one step ahead of cybercriminals.

We also offer IT solutions that can take all of the hassle out of setting up a safe and secure connection for your business, so that you can have peace of mind when it comes to internet safety. Contact us today!


GLS asks our customers to please submit a review for Gartner Peer Insights

Cyber Security is our middle name at GLS. We have a full range of end-to-end learning/development and a base of talent and experience to manage all aspects of world-wide enterprise deployment for your learning programs.

Our team has a solid track record of successful performance and excellent service with a wide range of multi-national projects. We work with clients in a collaborative, team-oriented environment; we utilize learning industry best practices and standards and deliver high quality services and solutions for our clients.

Come see what GLS offers YOU!

GLS customers are invited to submit a review to Gartner Peer Insights!


Why Submit a Review?

We're proud to have been chosen as one of the Leaders in the Gartner’s 2016 Security Awareness Computer-Based Training Magic Quadrant. The fact that GLS is seen diligently protecting its clients is no accident; GLS works hard to maintain and to increase its customer base, knowing that its products stay on the cutting edge of where businesses — both large and small — needs to be when it comes to safeguarding information and providing technology. Your review not only will help GLS in its efforts to continue great service, but also will help other organizations in their searches for great providers. And, not least of all, your comments will help GLS in maintaining and enhancing our own security products, which — right back at you — can only help you!

Here's how to participate:

Access the GLS survey on Gartner Peer Insights at this URL: https://www.gartner.com/reviews/survey/home?mid=254&vid=2142&pid=7455&marketCount=1&productName=Security%20Awareness%20Training&marketName=security-awareness-computer-based-training&utm_content=vlp-write&refVal=vlp-global-learning-systems-16329&utm_campaign=vendor&utm_source=global-learning-systems&utm_medium=web&utm_term=Security%20Awareness%20Training

Give yourself 15 minutes or so to complete the review.

Share your experiences with GLS. How did we help you, and with what? How did our products target specific areas? What were your results down the road from using our product(s)? How easy was it to use them? Add anything of positive value that you believe might help others.

After about two weeks, you can check the Gartner Peer Insights forum for your review. If after that time, you do not see it, contact Gartner at [email protected].

Please note:

  • You will be asked to create an account in order to participate with the reviews. Both your name and your company name will not appear with the review. The only identifying information that displays with your comments are Demographic details such as your role, your industry or the size of your organization.
  • Gartner Peer Insights does not accept personal email addresses. Use your business email to create an account.
  • To maintain the integrity of the forum, submissions are reviewed by Gartner staff to make sure that neither the reviewer's products, nor the reviewer's competitors' or affiliates' products are reviewed.
  • GLS thanks all its participants for helping in this endeavor, which will ultimately benefit all of us in the security awareness arena! Please take a moment to review some of our security awareness offerings. And thank you for being our present and future clients!

Security Awareness Program: Creating a Culture of Learning

Companies continue to struggle with how they handle security in the digital age. No longer is it just about key cards and ensuring that only authorized people can get into an organization. Hackers can find their way in through personal cell phones, carefully constructed emails, or by leaving a stray USB flash drive on the ground of a lobby. There is more that can be done in businesses of all sizes to avoid the hassles of a breach, and considering breaches not only cost an organization money and time, not to mention fines if personally identifiable information (PII) data is lost, there needs to be more efforts made to foster a better culture of safety.

The Dangers of Lax Security

Employees cannot afford to think of security awareness as a seminar they're required to take once a year, but unfortunately this is likely how employees do view it. In fact, 66% of data professionals surveyed say that employees are their weakest link when it comes to establishing better practices. When company leaders only do the bare minimum to raise their staffs’ consciousness about how breaches work, it affects how the staff sees the issue. The information is likely to be seen as a hiccup in their day that ultimately goes in one ear and out the other. It's a common pitfall for busy businesses to assume their security defaults are working, even though the more likely conclusion is that those defenses haven't been tested by a hacker yet. A cybercriminal has a veritable bounty of undefended computers to infect, and only so much time in the day.

Tightening Up the Reins

A a general rule, cybersecurity has proven to work better coming from a top-down approach. This means that leaders need to practice better security before the managers will, and managers need to practice it before employees below them mimic their efforts. It's all about setting the priorities of a company, and security needs to be given priority. When a company has a security awareness program that does more than just remind people once a year that hacks are a real threat, it has a solid start in creating the right culture. People's behavior can be malleable, so long as it's clear what is important. If a manager spends 99% of the time talking about quotas and 1% of the time talking about security, it sends a strong message to employees that they should be focusing their efforts on quotas. If that isn't enough to convince, consider that increasing your cybersecurity might be a good marketing technique, as customers grow increasingly weary about losing their information. Far from having to speak in technical jargon, a company can attract new clients by emphasizing how employees understand best practices of the day.

The Specifics

Security awareness training needs to be be customized to an organization, but the key is that education needs to happen far more than once a year. Global Learning Systems has an all-year program that offers a variety of mediums to reinforce learning. From quick-fix tools such as short videos, newsletters and posters to complete courses that detail better practices, it uses different methods to keep people's attention on how they can protect themselves and the company better. Every employee already knows the basics of being careful when he or she connects to an unsecured network or when choosing a password, but this goes above and beyond. It ensures that the most important concepts are being given the respect they deserve, which ultimately decreases your risks immeasurably. Our program adapts and changes with the times to stay relevant today, and this complete solution is available for companies of all sizes.


News and Trends in Scams Facing Businesses Today

When a new piece of technology comes out, clever hackers everywhere are ready to test it to see where its weaknesses lie. Or they may go the social route to infiltrate if hackers are not particularly tech savvy. By using a number of both emotional and practical measures, hackers have seen major successes in targeting companies and individuals for their own gain. To truly improve an organization's security, a staff needs to start thinking the way a criminal would. As you will see in the following examples, it seems everyone could use a little extra practice when it comes to proper protection.

The Living Past

A hack can occur at any time, and it can go undetected for years. It can come about if a company has inconsistent security methods. When a company attempts to merge old technology (e.g., legacy systems) with new technology (e.g., SaaS or the cloud), it leaves the company particularly open to cybercrime. Considering most companies do this, it's no wonder that users all over the world worry about being the next target. Even the best technology companies have admitted they can stay only around six months ahead of hackers (at best), and it raises concerns about the security efficacy of practically every organization that handles financial and personal data.

New and Improved

Business email compromise is a common type of phishing scam designed to take advantage of companies who use foreign organizations in arranging financial transfers. These companies typically were able to do so either through direct computer access (e.g., a link that contained malware) or through a social measure, such as offering technical support to a company or posing as a frantic coworker desperate for help. The results totaled $3 billion lost across companies of every state in the U.S. The victims’ protocols clearly were researched by the hackers for a better success rate, and the net gains from the efforts illustrate just how vulnerable people can be to opening up the wrong email, attachment or link.

Ransomware Today

Ransomware is alive and well today, and the FBI just released a message to openly encourage victims to report a scam to federal law enforcement so the FBI can have an accurate picture of hacking today. Ransomware is a means to encrypt files and information on a computer. Considering there is generally some private data stored there, the hacker will then demand money so a company can get data back. The FBI is aware that 2016 has been a big year for hackers, and they came out with a report that just one type of ransomware could infect 100,000 computers a day. This malware can affect both mom-and-pop businesses and huge conglomerations alike, and it can lead to permanent financial and information loss for the targets. It has been known to encrypt hard drives and servers as well as files. It should be noted that the FBI urges individuals and businesses not to comply with ransom demands, as there is no guarantee that the information actually will be released. The FBI posits that there are a number of people who do not report, either because they aren't sure of the protocol or are afraid it will ruin their reputation.

Taking a Stand

A business does not have to rely on chance to keep itself protected even as hackers evolve at an alarming rate. Ransomware and hacking techniques will continue to get better, but so too can your company’s protection. When you invest in training employees and updating your security, you virtually can eliminate your risk for an attack. It all starts with understanding the dangers fully, and ends in implementing a security procedure that employees can truly understand and incorporate into their work days. Call Global Learning Systems today to receive a customized solution for your company

award Winner Two Years In A rowaward award award  

Award-winning Training for Powerful Results

Request a Demo