Your business’ data is one of its most valuable assets, whether it’s customer data, financial information or details about your staff. Data theft is often partly a result of negligence, so the Information Commissioner’s Office regularly fines organisations that don’t adequately protect data.
To keep your industry reputation pristine and your data secure, your IT department needs to adopt these 5 essential security features.
1. Strong firewalls to protect your network and computers
Each computer or device used in your organisation should have a software firewall installed. The firewall will control internet traffic, and anti-virus software will detect and block malware. Cyber attacks are increasingly more sophisticated, with hackers developing malicious programmes designed to infect computers and access networks. Your firewall will protect applications, email accounts, and internet use.
Some standard firewalls won’t protect your business data from everything - ensure it monitors incoming and outgoing internet traffic, regularly upgraded to detect the newest threats, and blocks all unauthorised access to data and applications.
2. Row and column access control (RCAC)
The more people with access to a set of data, the more risk it’s exposed to. Row and column access control makes sure that people can access only the data they need to do their job. If a member of staff needs to see certain pieces of customer data, RCAC will allow access but block their ability to see more sensitive details that aren’t relevant. Even higher levels within an organisation are not exempt, this is a company-wide necessity.
May’s GDPR deadline will enforce strict rules around how data is stored and used, so the tighter your policy around data access, the better.
3. Encrypted portable devices
When laptops, tablets, and smartphones have encryption built in, any files saved to the hard drive or an external drive are immediately unreadable to hackers in case of theft. Devices that leave the office are often more vulnerable, particularly if used to connect to public WiFi networks. If that network is compromised and a member of your organisation is working on something in a coffee shop, the data stored on their laptop is easy to access without encryption.
Keep smartphones and tablets up to date and make sure they’re regularly checked over by your IT team. Many users don’t fully grasp the importance of firewalls and encryption if they haven’t been educated. An innocent-looking app download might seem like nothing, but it can expose a phone to malware very easily.
4. Regular backups
At every level, whether it’s a large corporation or a personal computer, backups save the day when something is corrupted or compromised. Servers, computers and devices should be backed up weekly, with incremental backups every day or few days. An incremental backup saves only the files that have been changed since the last backup, protecting data in case something happens between routine backups.
Many subscribe to the 3-2-1 rule - 3 copies of your data, 2 types of storage, and 1 copy stored offsite. Storing just one backup can make it as vulnerable as the original, so there needs to be multiple backups in different formats, both onsite and offsite.
5. Data leak prevention
Data leak software searches for information leaving your internal network, including code, numerical data, or financial information. The software can scan, detect and block potential breaches when the data is being used, become network traffic, or sitting in storage.
Your firewall won’t necessarily perform this function, so you might need an advanced system that uses algorithms to detect abnormalities, email exchanges, and suspicious activity.
Vohkus supports businesses with technology installation, management, and maintenance. Find out more about Vohkus’ core capabilities and how we transform your ideas into real outcomes, by requesting a call back today.