Data security has an impact on all of us on both a personal and professional level. It is very important for everyone to be aware of data security as awareness reduces the chances of information loss.
There are many areas of data security businesses need to be aware of in order to understand and mitigate potential data security risks. Best practice is to start with a risk assessment of your business systems to provide a gap analysis of potential security vulnerabilities.
Take our online security self assessment to help kick start this process.
Some areas you will need to consider with a brief explanation are listed below. Please call us for further details or to book a full data security assessment. Remember also, external security is very important but most data loss or theft comes as a result of internal security failure.
1. RAID (Redundant Array Of Inexpensive Disks)
Having multiple disks in your business server and using RAID to control how the information is written to them allows a degree of resiliency should you have a disk failure. It will save valuable time and reduce unnecessary interruption to your business.
2. Data Backup & Test Restoration
Having a regular data backup and restoration policy is an essential step in safeguarding data security. Most organisations have some form of backup but few of them regularly audit the process and ensure that essential data can be recovered.
3. Data Encryption
Lots of businesses use flash drives as an easy medium to transport or backup business data. It’s essential for any data on these devices to be encrypted. Encryption will code the data and make it impossible for anyone else to read who hasn’t got the code to decrypt the data.
4. Mobile Security
Many of us use mobile phones to synchronise contact information, emails and tasks as well as other key business information. As with flash drives, this data needs to be protected in case of accidental loss or theft. As a start, make sure your phone is protected with a PIN code and if you upgrade or sell your phone, make sure you restore factory defaults to remove all of your personal data.
5. Passwords Complexity & Rotation
All organisations should have a password policy as a basic data security function. As an added level of security it is also recommended the passwords be suitably complex to reduce the chance of them being guessed and that passwords are rotated or changed on a regular basis.
6. Firewalls, the internet & Remote Access
Obviously the external access to your companies data is essential and there are a variety of points to consider depending on the complexity of your organisation and the degree of remote access you require. As a starting point, ensure you have done the basics. Make sure your internet router has had the default password changed and a firewall enabled!
7. Anti-virus & Anti-spam
Having a decent antivirus to protect your servers and end points is widely accepted and adopted by most organisations and is an absolute must. Additionally the rise in SPAM email has seen ever more clever Phishing emails that are intended to dupe you into entering data into a web site that’s designed to mimic another web site such as ebay, paypal, or government web site. Its always worth considering a form of SPAM protection to help mitigate this risk.
