While Data Recycling of New England offers free, certified electronic data destruction, with a disposition certificate to guarantee it’s been done properly, as well as physical hard drive shredding, we know that business data security actually begins with you.
Business data security once relied on a paper shredder, which was fairly easy to control. Now, data is almost universally digitized, stored on hard drives, servers, disks and in the cloud, requiring additional oversight. The increasingly popular gig environment which fosters telecommuters to bring their own devices to the workplace adds another variable for companies to control.
To help your business, professional practice, or organization keep sensitive data secure, and avoid a possible data breach, here are a few easy-to-manage ideas and tips to consider.
- Look carefully at your data. Be aware of the most crucial data, the information that is most important that you keep safe, and out of the hands of those who will seek to hack first. Your customer, client and competitor information, sales and financial information, and intellectual property are among the most prized.
- Structure the levels of access and authorization to the data you have identified as critical or even sensitive. Grant access on a need to know basis. How many points of entry can you control? Evaluate the benefit of having a content management system or an IT department administrator who can manage who does what and when with your internal information. Knowing an office-wide monitoring system is in place can serve as a valuable deterrent.
- Passwords and 2-factor authentication are worth the effort, even though they are a source of aggravation for most of us. Repeating the use of passwords, even “strong” passwords is a well-known taboo, but the problem continues. Using the same password across various services and applications opens the door to mayhem that could have been prevented, and cyber criminals thrive on weakness.
- Encrypt and double-check the encryption. Not only can this prevent theft, but also the ability for thieves to open and use this data if it is stolen.
- Request notifications of updates on the services and software your businesses use. Read, stay aware and set notifications of vulnerabilities, patches, and breaches. Search engines and search inquiries are quick and reliable sources of information that can be sent to your inbox.
- Use a tangible server with cloud backup. Data protection with a traditional server may be easier to protect than the cloud. This is another layer of security when you don’t know about the provider’s security measures.
- Devise a device policy. Consider the number and kinds of devices that may enter your facility daily, from phones and tablets to computers with other networks, and various applications to manage someone’s home air conditioning system. Those access points multiply quickly, increasing the opportunity to grab your data. Your equipment as well as others’ are potential hazards, based on their ability to connect. Develop a policy, and make sure it is properly implemented and monitored.