Provide Critical Data Security Using Locks

Provide Critical Data Security Using Old Fashioned LocksSometimes the key to data security is an old-fashioned lock. Here’s some  advice on protecting your customers and employees by securing sensitive data. One important tip: Lock it — Protect the information that you keep.

  1. Lock, stock — or peril. Computer defenses can be critical, but when it comes to protecting personal information, don’t forget “old school” physical security, too.
    Discourage light-fingered passersby by making sure every employee has a secure drawer or locker.
    Centralize sensitive paperwork and limit access to employees with a legitimate business need.
    Remind them not to leave documents out when they step away from their desks.
    Shipping data offsite? Consider encrypting it and using a mailing method that will allow you to track the package en route.
  2. Barbarians at the gate. Viruses, spyware, and other invaders will attack an unprotected computer in just seconds. Your tech staff has sophisticated defensive tools at their disposal, but be sure to remind your employees that electronic  and data security is everybody’s business.
    Use strong passwords (the longer, the better) and require your staff — including the ones who wreathe their computer screens with passwords scrawled on sticky notes — to store them securely and change them regularly. Ask your IT people to install an intrusion detection system to tip them off to network breaches.
    Monitor incoming and outgoing traffic for higher-than-average use at unusual times of the day. Check expert resources like www.sans.org and your software vendors’ websites for alerts about the latest vulnerabilities and vendor-approved patches.
  3. We have met the enemy and he is us. Hackers certainly pose a threat, but sometimes the biggest risk to a company’s data security is an otherwise conscientious employee who hasn’t learned the basics about protecting personal information.
    Create a culture of security by implementing a regular schedule of employee training. Make it clear to new staff that abiding by your company’s data security plan is an essential part of their job.
    Make account data, credit card numbers, or other sensitive information available only on a “need to know” basis.
    Have a procedure in place for making sure that workers who leave your employ or move to another part of the business no longer have access to off-limits information.
  4. Trust, but verify. That Cold War phrase should describe your approach to the data security practices of your contractors and service providers. Before outsourcing any of your business functions — payroll, web hosting, call center operations, data processing, fulfillment, and the like — investigate the company’s data security practices and compare their standards to your own. Make sure your expectations and requirements are spelled out in the contract and build in a way for you to monitor their performance.
    Insist that contractors and service providers notify you immediately if they experience a security incident, even if it may not have led to an actual compromise of your data.
Share
Similar posts
  • Breaching the Bastille: When Security Vendors Get Hacked The recent rash of exposures about successful attacks against information security vendors may come as no surprise to a lot of people in the information security world who probably see or hear about it frequently, but it will surely come as “shocking” to most “ordinary” folks. HBGary, RSA, Comodo and Barracuda Networks are the latest [...]
  • Plan Ahead: How a Security Response Plan Can Help Your Business Expec... Taking steps to protect personal information in your files and on your computer can go a long way toward preventing a security breach. Nevertheless, breaches can [...]
  • The Lowdown on Laptops: Data Security for the Road Warrior Scan the lobby at any office building and you’ll see them: Busy executives scrolling through messages on their PDAs, flipping through stacks of client files, and carrying on animated conversations with colleagues via cell phone. No one appreciates the convenience of today’s virtual office more than the globetrotting Road Warrior. But are you maintaining the [...]
  • Protecting Personal Information — Know Why Originally written by Burke Kappler of the FTC Thousands of corporate executives have picked up practical tips on how their company can secure and protect the personal information it keeps. But some business owners may still be wondering why data security should be at the top of their agenda. Two reasons show why your company [...]
  • Protecting Personal Information: Five Steps for Business Original article by Lesley Fair What’s in your file cabinet right now? Tax records? Payroll information? And what’s on your computer system? Financial data from your suppliers? Credit card numbers from your customers? To a busy marketer, those documents are an everyday part of doing business. But in the hands of an identity thief, they’re [...]

Try Any of Our Services for 30 Days!

Share
Share