Small-business owners have many roles to fill–from managing payrolls and marketing to customer service. But one area many small-business owners fail to plan for is their company’s cybersecurity.
According to a recent Small Business Administration survey, 88% of small-business owners feel their business was vulnerable to a cyberattack. Experts warn that small businesses, including those in West Virginia, are under constant attack by cybercriminals, be it from local, national or global actors.
We don’t have to dig deep for a local example of this threat. In 2017 Princeton Community Hospital, in Mercer County, was a victim of the Petya attack, costing the health system $27 million.
Yet, many businesses can’t afford professional IT solutions, have limited time to devote to cybersecurity or simply don’t know where to begin.
Read more.
On November 9, 2020, the Federal Trade Commission (FTC) announced a settlement agreement with Zoom Video Communications, Inc. (Zoom) that arose from alleged violations that Zoom engaged in a series of deceptive and unfair practices that undermined user security.
The FTC found that Zoom made several representations across its platform regarding the strength of its privacy and security measures used to protect users’ personal information that were untrue and provided users with a false sense of security. Specifically, the FTC found that Zoom made multiple statements regarding “end-to-end” and “AES 256-bit” encryption used to secure videoconference communications. However, Zoom did not provide end-to-end encryption for any Zoom meeting conducted outside of Zoom’s “Connecter” product. And, Zoom used a lower level of encryption that did not provide for the same level of security as “AES 256-bit” encryption. The FTC also found that Zoom stored meeting recordings unencrypted and for a longer period than Zoom claimed in its Security Guide. And, Zoom circumvented browser privacy and security safeguards through software updates without notice to users and without establishing replacement safeguards.
Read more.
The world of data privacy is constantly changing. Regulatory compliance has never been more important, particularly as the business world has been forced to become more digital as a result of the pandemic. In this recent podcast Babst Calland Data Privacy Attorneys Justine Kasznica and Ashleigh Krick review domestic and international data privacy and security laws, and how such laws may affect your business and online presence.
Topics of discussion include:
- Overview of the General Data Protection Regulation (GDPR), Personal Information Protection and Electronic Documents Act (PIPEDA), and California Consumer Privacy Act (CCPA)
- Common elements among GDPR, PIPEDA, and CCPA; including: privacy policy notice requirements, business obligations, and consumer rights
- Overview of U.S. Regulatory Landscape: proposed state legislation and thoughts on federal action
- Practice pointers and best practices for compliance with existing privacy laws and preparing for the future
Listen to this episode of the Emerging Tech Law Podcast series on Pittsburgh Technology Council’s TechVibe Radio.
When the economy started shutting down in March as a result of COVID-19 and employees began working remotely, keeping intellectual property and proprietary information safe didn’t top the list of companies’ concerns.
“Some businesses didn’t put procedures in place or have appropriate training classes because no one really thought the pandemic would extend as long as it has,” says Carl Ronald, shareholder at Babst Calland. “They didn’t instruct employees on how to identify important confidential information or safeguard certain proprietary documents when working from home.”
Smart Business spoke with Ronald about how to keep your company’s proprietary information safe when employees are working outside the office. Read more.