There is no escaping the threat of cyber security incidents. We hear regular news cast about data breaches in the media and regulators are demanding improved information security. The public is getting more vocal when breaches occur.
Here are five things you can do to protect your business data.
Educate Your Employees on Data Safety
Teaching your employees about safe online habits and proactive defense is the first line of defense and should not be underestimated.
“Educating them about what they are doing and why it is dangerous is a more effective strategy than expecting your IT security staff to constantly react to end users’ bad decisions,” says Matt Watchinski, board member, National Cyber Security Alliance.
Make sure your employees understand how important your company’s data is, and all the measures they should take to protect it.
Control Access to All of Your Data
If you don’t know what parts of your business are vulnerable or what data you have that needs to be protected, you can’t properly secure it. It is critical that you work with a professional to audit your entire IT infrastructure — computers, network and mobile devices — to determine what you need to do to prevent hackers from accessing your network.
Keep in mind – more than 80 percent of corporate data being unstructured, it’s no surprise that email and files are the new targets for data breaches. Protect and audit data using identity governance tools. These tools help organizations identify where sensitive data resides, who has access and how they are using it. Most importantly, effective controls can be put in place to secure it.
Your organization can dramatically reduce IT risk by applying automated compliance and provisioning processes to file storage systems, on-premise or in the cloud.
Use Strong and Multiple Passwords
You must have heard this warning a hundred times already, yet most people do not follow it. Did you know that more than 90 percent of all passwords can be hacked within seconds?
Too many of us use simple passwords that are easy for hackers to guess. Hackers use automated tools to hack passwords. When we have complicated passwords, a simple “dictionary attack”—an attack by a hacker using an automated tool that uses a combination of dictionary words and numbers to crack passwords—can’t happen. Don’t write passwords down; commit them to memory. Don’t use personal data to create your password.
Implement password protocols in your environment that demand more complicated password use. Implement new passwords every sixty days.
Use Logical and Physical Security
Include both logical (authorization, authentication, encryption and passwords) and physical (restricted access and locks on server, storage and networking cabinets) security.
Logical security includes securing your networks with firewalls, running antispyware and virus-detection programs on servers and network-addressed storage systems. No storage security strategy would be complete without making sure that applications, databases, file systems and server operating systems are secure to prevent unauthorized or disruptive access to your stored data.
Patch Programs Regularly
Making sure your applications, at the user and server levels, are properly patched and updated — it’s a necessary step towards being fully protected.
“Your security applications are only as good as their most recent update,” Watchinski explains. “While applications are not 100 percent fool-proof, it is important to regularly update these tools to help keep your users safe.”
Frequently updating your programs keeps you up-to-date on any recent issues or holes that programmers have fixed.
Protecting your data cannot wait. Take action to implement data protection strategies before a critical hack costs you your company’s reputation and customer’s trust.