Your business’ data is its lifeblood. Lose it, or have customers lose faith in your ability to protect it, and you may be out of business. You cannot afford to be lax in IT security, but for many, the question is what they can do to protect themselves and their businesses. Let’s discuss how to prevent data breaches in your business.
Only Keep the Data You Need
If you don’t hold on to data, you can’t lose it in a data breach. Don’t collect information about customers unless it is absolutely necessary to deliver a service. Delete and destroy data you don’t need anymore and make certain it is done in a secure manner. There’s a side benefit to minimizing how much data you collect – your data storage costs will be reduced.
Don’t Use Sensitive Data as Unique Identifiers
Your company needs to set up procedures that prevent sensitive data being used as unique identifiers. Don’t use Social Security numbers or driver’s license numbers as employee IDs or client account numbers. If you are doing this, create new unique user identifiers immediately and update your system.
When you have sensitive physical records, restrict physical access to them. This may be in a locked storage cabinet or locked room, and only those who need the information should be able to access the records.
The same should be true of your IT systems. Only those who need to be able to see customers’ personal information or financial information should be able to see that information. Don’t give temporary workers access to mission-critical data or sensitive information. Always encrypt data before you transmit it through the internet. Another approach is limiting the use of USB drives and portable media.
There are a number of ways to limit risk. Not letting people view sensitive company data on unsecured personal devices is one way. Another is prohibiting file sharing services or use of personal software on work computers since this opens up the door to malware getting onto your IT infrastructure.
You can set policies that limit risk, like timing out users after a set period of inactivity, requiring passwords to be reset periodically, and deactivating user accounts as soon as someone leaves the company. Restrict telecommuting to company-controlled computers that have the approved anti-virus and anti-malware software on it. And train employees never to leave company laptop computers and tablets lying around.
Destroy Before Disposal
Don’t just throw out an old computer. Deleting files isn’t good enough. Instead, use software that totally wipes the information from the system before you donate, discard or destroy to old computer or server. Services like Secure Data will allow you to recover data from faulty machines before you dispose of them.
Keep Your Defenses Up
Keep your security patches up to date on all computers. Have IT maintain firewalls, anti-virus software, and anti-spyware software on the network and make IT security a priority.
Take action now to minimize the odds of a data breach. Follow our advice, and you’ll limit the potential impact of a breach if it does occur.