It wasn’t that long ago where it was the exception, not the norm, to see most full time employees have Black Friday off. It meant instead of having employees take the day off, most got to enjoy a long weekend and some crazy shopping. Now, instead of just losing work on Black Friday, employers also need to be mindful of Cyber Monday-and not just for the lost productivity as employees hunt for the hottest online shopping deals.
The online shopping season-and the shopping season in general-tends to be a bonanza for hackers. Over the past year, we’ve seen several major retailers-like Home Depot and Target-lose millions of customer credit card records to determined hackers. When hackers breach a store, that’s one matter. When or if they breach an individual transaction, say, while on a corporate network? That could open up an entirely different can of worms.
This shopping season may not see millions pilfered, but it won’t be for lack of trying. So what can you, as an IT administrator, do?

1. Consider blocking online shopping sites.

This is an easy enough thing to do, but if you haven’t done it yet, you may see some backlash. On the one hand, it makes sense-many businesses block non-essential sites to avoid losses in productivity, if nothing else. While many would understand that a company has the right to restrict how their business bandwidth is utilized, it will not be popular with employees if they’ve grown accustomed to the freedom. It’s worth doing, but just be prepared.

2. Make sure your security is up to date.

Any patches on anything from corporate computers to firewalls and edge routers, make sure code is up to date. The last thing you need to find out is that you were breached, and the patch that would have prevented it came out months ago.

3. Restrict non-corporate devices from the network.

Again, this may not be popular, but the logic is sound. If you don’t own and control the device, you can’t ensure what it can or can’t do. If you can’t ensure it’s up to date, it can’t be on your network.

4. Socialize the risks.

Most employees are at least somewhat aware of the risks of shopping online, and the credit card breaches in general. That doesn’t mean they take the threat seriously enough, however. Providing employees with useful information, tips and tricks that will help them avoid the threats can go a long way toward mitigating the risks.
Hackers are far more likely to focus on data from a big box retailer than a solitary online shopper from your corporate network, but it doesn’t mean you shouldn’t at least be prepared for the unlikely event-and at the same time, be looking out for your employees online and fiscal safety.

BACK TO BLOGS