b'The No. 1 way you can protect yourself from ransomwareis to make sure youre backing up your data, particularly having offline, also known as cold storage, backups, he says.Many companies offer hourly or daily cloud storage backup services, he says, for as little as $10 per month.Backing up data gives the jeweler control rather than depending on an outside entityin the case of a ransomware attack, this means a criminalto restore the service. Cybersecurity Law enforcement has talked about [backing up] as being the best way to prevent ransomware, because if youre backingResources up your data, youre not going to have to rely on the attacker to decrypt your data. to KnowAnother key tip for protecting a business from ransomware attacks is data minimization.Companies should only be keeping the information thatsImplementing cybersecurity protections can be a com-absolutely critical for them to conduct their business functions.plex task, but there are a wealth of tools available to small If you dont absolutely need it to make a sale, you reallybusiness owners. From software patches to security scans, shouldnt have that information, says Ruddock. here are a few helpful resources, as recommended by This especially applies to credit card information, he says,JSAs Ryan Ruddock.which customers should manually enter each time rather than using a save card information option. The Federal Communications Commissions Cyber-By practicing data minimization, you reduce the opportu- planner helps small businesses create their own nity for a possible data breach, for an attacker to compromisecustomized cybersecurity plans. your systems and then demand ransom. https://www.fcc.gov/cyberplannerKeep an eye on tracking numbers. The Department of Homeland Security introduced A perhaps lesser-known cybercrime scam involves using thea Stop. Think. Connect. campaign with employee tracking number information issued by delivery companiestraining resources. such as UPS and FedEx to steal packages, sohttps://www.stopthinkconnect.org/Ruddock advises keeping that information under wraps. SoftwarePatch offers updated patches for computer The reason why youand software applications. A patch is a change or dont want to share yourupdate that can fix security vulnerabilities or other tracking number is be- technical issues. cause the person whoshttps://www.softwarepatch.com/engaged in social engi-neering can take that number, and thenFraud.org, created by the National Consumers League, they can actually reach out to your shipping company andalso has helpful security tips and sends out fraud alerts. have the package rerouted to any location that they want.https://fraud.org/If a customer calls for a tracking number, be sure to verify their identity before giving out that information to avoidThe National Cybersecurity Alliances website offers having their package rerouted to an unintended recipient. free computer security scan tools for a PC or network. By not giving out the tracking number, you reduce thehttps://staysafeonline.org/opportunity for somebody to divert a package and to send it to a different location, he says. IT security company Sophos has a news site, titled Jewelers also can talk with their shipper about how changeNaked Security, that sends out a daily newsletter with of address requests are handled.opinions, advice, and research on computer security They can set a limit on the number of times an address canissues and the latest internet threats. be changed on a shipment or request a package be returned tohttps://nakedsecurity.sophos.com/them if a change of address attempt is made.The Federal Bureau of Investigations Internet Crime Employees can work from home safely, if Complaint Center is a resource for reporting cyber-the right security measures are in place. crime. Jewelers can also reach out to JSA. The COVID-19 pandemic led to more employees workinghttps://www.ic3.gov/from home and many have remained there, posing a new, but manageable, security risk.NATIONAL JEWELER 19'