While cyber-attacks are becoming more common even for smaller businesses, many security breaches are actually the result of careless mistakes made by inexperienced or even disgruntled workers. In 2016, for instance, a Snapchat employee created a massive data breach when they were duped by an email allegedly from CEO Evan Spiegel. The email requested sensitive information on nearly 700 employees, which the unsuspecting employee complied with. Here are 5 ways to help protect your data against all kinds of breaches.
1. Take Advantage Of Cloud Security
At one time, keeping data on physical servers was generally considered far safer than using cloud-based services. Cloud-based computing has come a long way, however, and the level of security offered by today’s cloud-based services is often far superior to the level of protection afforded by most physical servers.
For one thing, cloud-based services have entire teams dedicated to updating software and creating security patches within minutes of any type of perceived threat. Where an IT tech may have to go individually to each computer and update security software (or simply trust employees to do it) in businesses using a physical server, a cloud service can update security universally in a matter of seconds.
In addition, cloud based services are not at risk of loss or damage due to fires, floods or other disasters. They will not only help keep your data safe from theft, but from disaster as well.
2. Ensure Passwords Are Actually Protective
Every year SplashData releases a list of the year’s worst passwords compiled from more than 5 million leaked passwords. As tech savvy as you’d think the world should be by now, without fail, the top entries continue to be “123456” and “password.” They made the top two in 2017, the same way they did in 2016, 2015 and 2014.
Here are some tips for proper password security:
- Whenever possible, create passwords for employees rather than allowing them to create them themselves.
- Create complex passwords that include upper and lower case letters, numbers and special characters
- Enforce mandatory password changes at regular intervals
- Use a password manager to store passwords with a single secure key
- Encrypt, Encrypt, Encrypt
No matter how careful you may be, businesses will always be susceptible to employee error. Encryption can keep thieves from being able to read data even if they manage to intercept it. Conversely, however, encrypted data can become corrupted and is extremely difficult to retrieve if it does. Every industry has best practice guidelines addressing data encryption, so it is best to follow them. Here are some of the best options for data encryption.
- Use the strongest available encryption standard on your router and protect both your router and Wi-Fi access with a password.
- Make sure that all your devices offer full disk encryption (FDE) and that it is activated. This will encrypt your system’s entire hard drive, including the OS, all apps, programs and data.
- Use encryption software to protect your customer’s credit card numbers and other personal information. The loss of your customer’s data could lead to identity theft and potentially the loss of your entire business.
- Maintain Your System
No matter how robust your firewalls, encryption software or other security measures are, they will not protect anything if you don’t keep them updated. Your service providers are constantly monitoring for breaches in their security and generally provide quick fixes for any vulnerabilities that become exploited.
When a hacker finds a weakness in a system, it only takes minutes for them to share the information with other ne’er-do-wells who can exploit hundreds of other systems using the same protections within a matter of minutes. As soon as there is an update or security patch available, you should always install it immediately. This is particularly important for anti-virus software.
- 5. Engage Your Employees While every company should have clear, written policies regarding data security, just putting a policy in place is not enough to ensure they are adhered to. One of the best ways to ensure policies are adhered to is through proper training as well as enlisting the engagement of your employees. Data breaches not only potentially cost companies millions of dollars, but they also devalue employee benefits such as stocks or shares.
Generally when you have high employee turnover, you also have a stream of disgruntled employees, which puts you at risk of a data breach. Even if your employees are not disgruntled, overworked IT departments can sometimes fail to keep up with deactivating accounts and passwords or give the wrong authorizations, which also puts you at risk. Treating your employees well in the first place will not only save you money, it could also provide significant protection against a massive data breach.
In today’s world, protecting data is not just about having the best security money can buy – although that is certainly important. Keep in mind, however, that your data often needs to be accessed by hundreds and sometimes even thousands of people, from employees to customers to service providers. Good security involves creating adequate protection at every level.
John Porter is a Southampton-based freelance writer. He enjoys writing about business and technology and is particularly interested in all types of productivity apps. Find him on Twitter @johnpourter.