[BreachExchange] 5 Simple Ways to Beef Up Your Data Security

Fri Aug 11 14:20:56 EDT 2017

https://lerablog.org/technology/data-security/5-simple-ways-to-beef-up-your-
data-security/

Today’s companies transmit more data online than ever before, and much of
this data contains highly sensitive information such as customers’ credit
card numbers, employees’ social security numbers, and so on. This helps
explain why hackers are increasingly focused on intercepting this
information from unsuspecting companies. These hacks are potentially
devastating to companies, as one analysis found the average data breach
costs companies up to $3.5 million.

Did that stat make you want to run to your IT department and demand
heightened security? Thought so. In addition to putting up strong
firewalls, maintaining antivirus protections, and keeping software up to
date, here are five simple ways to beef up your data security.

Secure all your connections.

Most companies these days utilize wireless internet connections. While this
has made work easier in a number of ways, weak or insecure Wi-Fi
connections also make your data vulnerable to hackers. The easy solution?
Make sure your in-office Wi-Fi is thoroughly secured, and train your
employees to never access unsecured Wi-Fi (whether in an airport, hotel,
restaurant, or at home) whenever they’re using company devices or accessing
company data. On a similar note, do not allow electronic devices to access
your network unless they’ve been vetted and proven to be secure.

Utilize secure passwords.

This is one of the simplest—and most effective—strategies for making an
immediate improvement to your data security. Office workers across the
country use scarily weak passwords on a regular basis. While they do so
without malice, this is putting employee, company, and customer data at
serious risk. Thus, it’s imperative that every member of your team be
trained in a strong password policy that includes the following:

- Strong passwords that move beyond the likes of “Password01,” “12345,” or
common words or phrases. At a minimum, passwords should include a
combination of capital and lowercase letters, numbers, and symbols
- Unique passwords for all individuals and logins so the same passwords
aren’t shared amongst a group or used across multiple devices
- Password protection for all electronic devices
- Regular password changes that occur at least every 90 days (more
frequently for any logins that access highly sensitive data)

If you want to further enhance the security of the login process, consider
employing two-step verification.

Encrypt all devices and sensitive data.

Given that work devices connect to more data than ever before, it’s
important to encrypt all tablets, smartphones, laptops, etc. In addition to
encrypting these devices themselves, it’s equally vital to encrypt the
sensitive data that’s stored on them. For example, data that’s been
exported to a laptop can be stored in an encrypted folder. Also be sure to
encrypt all databases used to store sensitive data as well as the transfer
of sensitive data.

Physically secure your server and company electronics.

While much data security advice involves digital security strategies, it’s
just as important to secure any physical points of entry to your company’s
data. Specifically, it’s a good idea to invest in a security system that
protects your company’s physical premises, prevents unauthorized access to
your server, and deters theft of company electronics (which could be used
to access sensitive data). Today’s comprehensive security systems offer a
range of features including motion detectors, glass break sensors, video
surveillance, remote monitoring, and more.

Backup your data.

This is the most effective way to protect your data in the unfortunate
event that a data breach or technological meltdown occurs or your office
building is seriously damaged as a result of natural disaster. At a
minimum, plan to back up servers and work computers every week. Make sure
this backup data is stored in a remote, secure location.

These strategies aren’t the end-all be-all of data security, but they are
critical first steps when it comes to making your employee, customer, and
company data more secure in the 21st century.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170811/789456c4/attachment.html>