The news earlier this month that two million Facebook, Gmail, Yahoo and Twitter passwords were stolen in a massive hack attack reminds us about the dangers of cyber-crime. Today, it seems arget also fell victim to a cyber attack "potentially involving millions of customer credit and debit card records." They won't be the last. In a recent study in the UK by consulting company PwC, 78% of large companies reported that they had been attacked by an outsider last year; 14% of these attacks were succesful. UPDATE:  Today, apparently T

Below are five recommendations for company policies to help protect against cyber-crime: 

1.      Do not list employee email addresses publicly.  Cyber criminals troll for email addresses and then use a variety of techniques to hack into accounts. Don’t make it easier for the hacker by giving them your company’s email directory.

2.      Institute strong password protection protocols.  A password at one site or email address is a gateway for further hacking.

Guidelines for passwords: They should be long, complex and combine letters, numbers and special characters. Tools like Lastpass, Roboform & 1pass provide the option to generate strong passwords and store them in the cloud for easy access across multiple devices (be mindful of a strong master password when using these). Employees should be required to change their passwords periodically.

3.      Deploy two-step authentication whenever possible. Two-step authentication significantly cuts down on cybercrime because it requires an additional level of authentication in order to access an account. This will typically require access to a mobile phone where a text (SMS) message can be sent with a verification code.

4.      Encryption is key for safety. Hackers are looking for information that can be used to access bank accounts, credit cards or trade secrets. Encryption of your files makes it harder for the hackers to steal information. For Microsoft Windows, we recommend BitLocker, which is a standard option that enables one to use full-disk encryption. Although encryption is only activated when a user is logged out, it is a further layer of protection against hackers.   

5.      File backup should be mandatory. Backing up your files (either physically or via an online cloud service like dropbox, box.net or sugarsync), won’t stop hackers, but it will make your life infinitely easier if your files are corrupted or deleted by a cyber-hacker. Most operating systems such as Microsoft (Skydrive) and Apple (iCloud) provide basic cloud back-up services built into the software.