IMJustice Marketing is certainly no “Dark Web” expert, but once data ends up on the dark web,
there’s very little that can be done about it. It’s best to avoid this from happening to your company,
employee or customer data. The following best practices can help.
Prohibit employees from using TOR.
“If employees can access the TOR network, they can easily expose your company to damaging
material and/or malware. This would be particularly detrimental to your corporate network,” says
Wagner. “Provide clear guidance in employee manuals and train employees on ‘clean’ internet use,”
advises cyber-security attorney Braden Perry. “Use software to block TOR. Make it clear that
corporate investigations will be initiated if management suspects that this rule is being broken.”
Educate employees on security protocols.
“The end user is the weakest link in your protective measures for your network,” says Campos.
“This means it’s important to teach your employees about cyber-security measures and compliance
with your company’s policies,” he says. “The more aware and trained your employees, the better.”
Limit employee access to sensitive data.
It’s a good idea to operate on a need-to-know basis when it comes to company data.
The fewer employees who have access to company and client sensitive data, the less
likely your company is to experience a breach.
Employ a comprehensive security program.
“If businesses have good control of their sensitive information, it won’t wind up on the
dark web,” says Levin. “Ensure that privacy protections are airtight. Access vulnerabilities
and use vulnerability management programs.”
Being proactive is the key to avoiding problems with the dark web, believes Scheffer. “Take
steps to safeguard all systems and data and embed the necessary cyber-security measures
within the foundation of your business’ IT infrastructure,” he says. “Implement accurate and
efficient security tools that monitor for and detect security threats in real-time,” continues
Scheffer. “Additionally, guarantee safekeeping with layers of security weaved throughout
processes to make a hack unappealing to cyber-criminals.”
Avoid storing sensitive information.
Smaller businesses could lean on larger service providers to reduce their attack surface,
suggests Amini. “Don’t store sensitive information if you don’t need to,” he says. “Payment
processing can be offloaded to third parties that specialize in this. In the event of a
compromise to your business, customer financial information won’t be accessible.”
Don’t reuse passwords.
Passwords are frequently traded on the dark web, according to Amini.
“Many people reuse the same password across multiple services, and that should be
avoided,” he says. “A compromise on a seemingly innocuous site can result in larger
damages if that password is re-used for a more sensitive site, such as banking. Use a
password safe to generate and manage random passwords.”
Take advantage of a dark web monitoring service.
Various credit monitoring services also offer dark web monitoring, says Campos.
“Such a service regularly checks if any personal or company information is showing up in
restricted forums on the dark web,” he says. “An alert is then sent to the service subscriber
with a recommendation on protective measures, [such as] password change or credit freezing.”