The use of computers leads to the creation of data. That data is often vital for the businesses that collect and produce it. If the data is lost or stolen it can create serious issues that can cost businesses revenue, customers and their reputation. Given the magnitude, it’s no surprise data security was the top priority for companies that participated in Dell’s recent Global Technology Adoption Index.
If you think your data is safe, take this into consideration. Within the last five years, the Office of Personnel Management (OPM) and the Department of Defense (DOD) have been hacked. Dozens of Fortune 500 companies have also experienced data breaches. Of course, simple mistakes compromise data all the time as well.
Data loss is the number one concern for clients that rely on Secure Data Recovery. Their server recovery experts shared advice on how businesses can protect against data loss and its associated costs.
The Simplest and Best Piece of Advice
Create better passwords. So many security issues begin with subpar passwords or companies using poor password habits. Either the passwords are too easy to figure out, employees share the passwords with others or they aren’t changed often enough.
All companies should develop a password policy that provides guidelines for how passwords are to be created and managed. Best practices should always be used such as not using personal data and including a variety of symbols in the password.
Have a Data Management System in Place
A data management system makes it easy to organize and search through the data collected by your servers. In the event there’s a data breach or failure, a data management system can help you recover the information much quicker and easier. These systems also provide a protocol for how data is maintained and archived.
Protecting Personally Identifiable Information
Protecting the information of your employees, partners and customers is vital. The Online Trust Alliance’s 2015 Data Protection Best Practices study found that 29 percent of personally identifiable information (PII) security breaches were attributed to lack of internal controls. Employees on the inside either purposely or accidentally caused a breach because safety precautions weren’t in place.
One way to protect PII is through encryption. Simply encrypting documents that contain PII can be enough to mitigate the risk. However, you’ll also need to establish policies that lay out how PII is collected, where it is stored and who has access to the information.
Data Loss From Within
As noted above, the biggest threat may be right in your office. As unpleasant as it is to think about, data theft and data leaks by employees do happen. And it happens more often than many CEOs like to think about.
There are a number of ways a company can prevent data leaks and loss from the inside. They can:
- · Prevent sensitive data from being transferred to USBs and removable media.
- · Automatically cut off access to data for a certain workstation or individual if issues are detected.
- · Limit access to data as much as possible – here again a data management system can help.
- · Be proactive in monitoring how employees use devices and apps. Make it a company policy that no apps are to be used unless they are approved first.
- · Put a plan into place to encrypt data if a security event is detected.
- · Part of the password policy should be changing the login credentials of all systems an employee has access to the moment they are let go.
- · Segregate internal systems – No matter where the data breach originates, segregating internal systems can limit what hackers and employees can get their hands on.
Data Loss Through Devices
One of the most common ways employees accidentally cause data security problems is through their devices. Whether it is a personal phone or a company computer, the devices they use could contain sensitive information. If employees aren’t careful they can expose a company to hackers and thieves.
The OTC found that 18 percent of security breaches in 2014 were a result of lost devices and documents. Educating employees on how to secure their devices and data is one of the easiest and most effective ways to minimize this risk. It’s also best to limit which personal devices can link to your network and the type of data they can access.
Choose Your Vendors and Cloud Providers Wisely
Sometimes it’s the company you keep that can compromise your data security. The OPM data breach is a perfect example. KeyPoint Government Solutions, a contractor that was conducting background checks for the OPM, was hacked in 2014, leading to the theft of information on millions of people.
It’s not enough to use multiple layers to protect your own data. You also have to heavily vet vendors and cloud service providers to make sure their security slip-ups don’t become your own. Ask them how they are currently protecting data, their methods for backing it up and what steps they are taking to prevent data loss.
Have a Response Plan
Building a relationship with a company like Server Data Recovery that’s on call to assess the situation can prove to be essential if a breach or loss does occur. These issues have to be handled immediately to minimize loss of data and productivity. Outlining a response plan and putting the pieces into place is highly recommended by the OTA. The plan should encompass 24/7 monitoring because a breach can happen at any time.