- Limit administrator access on all PCs. It's convenient for everyone in the firm to be able to download apps and update software on workstations.
- Require responsible password habits. These include random secure password generators or unique passwords that change frequently.
- Go partially offline. If there is a way to segregate extremely sensitive data on a network that does not have Internet access, the firm should do so.
- Don't blindly trust that a website will take responsible precautions. While firms have been hacked, the public has not seen the kind of embarrassing data breach at a firm that causes real economic and lasting reputation damage. But like it or not, that incident is coming.

Erin Nealy Cox is an executive managing director and firmwide cybercrime practice leader at Stroz Friedberg in Dallas.