The iPad hacking scandal which recently led to the arrest of two hackers and left 120,000 iPad 3G users “exposed” is making companies look at protecting financial data differently. David McCraney, a Technology Consultant and Certified Information Systems Auditor at Carr, Riggs & Ingram, CPAs and Advisors (CRI), says that despite well publicized incidents of hacking such as this, computer security and the controls of protecting company financial systems can be obtained. In June, two hackers from Goatse Security found a security loophole in AT&T’s software and were able to gain access to the personal information of world movers and shakers, including Rahm Emanuel, Michael Bloomberg, members of the U.S. Congress, NASA employees, and top executives from Time Warner, HBO, Citigroup and Morgan Stanley.
Even more alarming is the fact that when one Googles “iPad hack”, the first link is to a website offering tips on how to hack into the iPad. According to Gov Info Security, a wide amount of 2009’s data breaches were committed by out of work IT experts who are driven to “the dark side” out of desperation to pay bills.
While Apple has a strong reputation in computer safety, the recent events highlight the need for companies need to pay attention to their IT infrastructure and ensure they are immune from malicious intent of mischievous IT maestros – no matter the operating system.
McCraney advises hiring a professional to examine your IT systems and/or IT infrastructure for any potential breaches or weaknesses in security. “A proper analysis of a company’s IT risk assessment can go a long way in avoiding potentially costly problems,” says McCraney. “An organization’s exposure to security issues can be limited by following ‘safe computing’ practices and understanding the IT risks.”
To highlight McCraney’s point, the “loophole” which allowed the hackers to access AT&T’s site has already cost the company $73,000 to fix the problem. "Companies that are hacked can suffer significant losses, and their customers made vulnerable to other crimes, privacy violations, and unwanted contact," says U.S. Attorney Paul J. Fishman.
While an IT expert can help prevent security breaches, there are several things one can do to safeguard from hackers.
· Update your operating system: If you haven’t upgraded your operating system, there could be weak spots in it which hackers can find. Make sure you download updates at least once a week. This will patch up any holes which can leave you vulnerable to known security issues.
· Use secure passwords: Passwords with numbers, letters, symbols and random capitalization are harder to guess than “1234” or “password”. Changing your password often is also recommended.
· Don’t give out your information: Just like you shouldn’t give out your credit card number to strangers, don’t post your passwords or IP numbers. Having this information makes it easier for hackers, so the less you give out, the less likely hackers can get to you.
· Use a good anti-virus software: A good anti-virus/anti-malware program will go a long way in making sure you don’t accidentally download spyware, or other malicious programs seeking to find your personal information. Just like you wouldn’t go into a sick ward without anti-bacterial, you shouldn’t surf the internet without anti-virus software.
CRI’s proprietary controls have made the company the number one choice for many firms seeking to protect themselves from the idle malice of hackers seeking amusement or financial and personal gain.
While CRI services the Construction, Manufacturing/Distribution, Not-for-Profit, Government, Banking, Healthcare and Professional Service industries, McCraney states that more industries are seeing the need for better IT peace-of-mind.
About Carr, Riggs & Ingram, CPAs and Advisors:
CRI is ranked 34th nationally and 4th regionally in Accounting Today’s top 100 national firm listing. Today, CRI has over 600 employees in 24 offices throughout Alabama, Florida, Georgia, Louisiana, Mississippi, Tennessee, and Texas and is recognized as one of the fastest growing firms in the United States. CRI offers comprehensive tax, audit, and consulting services to both businesses and individuals. For details regarding their service and industry specialties, please visit www.CRIcpa.com.
# # #