CHICAGO — Cybercrime can seem like a scary topic, but there are steps you can take to protect yourself and your company from the bad actors looking to take control of your data.
This was the message of Chris Birk and his associate Brandon Chance during his webinar, “Practical Things You Should Be Aware of about Computers and Security.” Birk, a computer expert with deep family ties to the drycleaning industry, conducted the Zoom meeting as a part of the February webinar series presented by the Drycleaning & Laundry Institute (DLI).
In Part 1 of this series, we took a look at some of the weapons of the cybercriminal, and in Part 2, we started to examine steps business owners and users can take to limit their exposure to internet hackers. For the conclusions, we’ll find ways to shore up your online defense so you and your business can protect your data and avoid becoming a statistic in online battles that experts agree will rage in 2021.
Good Credit Card Handling Practices — Your customers are entrusting you with their credit card information — and cybercriminals are counting on you to make mistakes. One common mistake is to store credit card information in an easily hackable format. “It’s a violation of payment card industry (PCI) rules to store credit card information unless it is encrypted,” Birk says. “Having a spreadsheet with your route customers’ credit cards, for instance, would be a violation.”
One method cleaners can protect themselves when using credit card information kept on file by returning customers is taking advantage of some of the protection tools available from credit card processors. “Some processors have what they call ‘tokens,’” Birk says. “You give them the credit card number, and they give you a token number. When you want to make a charge, you use the token number — and only you can use that particular number. Tokenization is the way to go.”
Update! — One of the best weapons at your disposal when dealing with cybercrime is to have a fully updated operating system (OS). For users who don’t like dealing with change, however, this is often a stumbling block. Birk points out that popular systems of the past — such as Windows XP, Windows 98 and Windows ME — are no longer supported. “There are no security fixes being offered by Microsoft for these systems,” he warns. “Also, if you are on Windows Vista, that system reached end of life (EOL) years ago. Ditto if you are on Windows 7. You need to move to Windows 10.” He also pointed out that Windows 8 and 8.1 will reach their EOL in January 2023. While the “free upgrade” window to go from Windows 7 to 10 has, in theory, expired, Birk says the window actually remains open and free updates are still available.
For those who do not like change, there is a workaround. Birk recommended a program called “Classic Shell,” available at ClasicShell.net, that changes the graphic user interface (GUI) of Windows 10 to more resemble previous systems while still retaining all the protection of the upgraded system. “We have about 150 computers at the American Stationary plant,” he says. “When we upgraded them from Windows 7 to 10, to avoid retraining any of our users, we simply put on the shell. It was that simple.”
Setting Rules — While it’s tempting to allow personal activities to be conducted on work machines, such as checking personal email, Birk warns against this practice. “Many years ago,” he says, “we had a factory in California where the manager let employees browse the internet and check their mail on a typesetting computer on the factory floor. I tried to convince him that this was a bad idea, but he thought I was being too concerned and that nothing could happen. One day, when someone checked their email during their lunch hour, the typesetting PCs — plural — were infected, and it quickly spread. They were down two days reloading their system.”
After that, rules were put into place to keep the work systems just that — work systems. “You need to set strict policies in place at your plant about the use of computers,” Birk says. “Make it for business only.”
For Part 1, click HERE. For Part 2, click HERE.
Have a question or comment? E-mail our editor Dave Davis at [email protected].