Data security is typically divided into two separate categories: 1) preventing loss of data; and 2) preventing against unauthorized access. Both of these are equally important and must be taken seriously. Data breaches are a common occurrence and most can be avoided, but have affected consumer confidence with certain big-box retailers. These retailers have seen an erosion of revenues as a result of these breaches.
No protection strategy is 100 percent secure; however, you can take several relatively easy steps to protect your company, employee, vendor and customer data. In today’s marketplace, companies perceived as “data secure” enjoy higher consumer loyalty, which leads to higher revenues.
Preventing Loss of Data
There are four key areas of focus for preventing the loss of data. These are primarily focused on the physical storage of the data. The four areas below are not mutually exclusive and should be embraced in their totality. Every investment in the IT organization is closely scrutinized. However, the cost to recover from a physical loss is typically far greater than the cost to implement appropriate protection strategies.
- It is important to physically locate your computer servers in a location that is secure and inaccessible to unauthorized individuals. Most companies house their primary servers in a limited access area of their headquarters.
- Regularly scheduled backups (preferably nightly) to a local server to allow for restoration if required.
- In addition to the local server, companies now also backup their data by sending to an off-site cloud server.
- In addition to the three strategies above, companies have deployed redundant servers that protect against a single point of failure.
Preventing Against Unauthorized Access
There are a minimum of three layers of security that companies should institutionalize.
- Remote users must have an encrypted VPN connection to access the company servers.
- All login should be password protected in order to obtain access to data.
- The system administrator should require password updates on a regular basis.
- Applications require secondary user authorized name and password to gain access to the data.
- Companies should also implement processes that disable any and all access rights to former employees.
Protection of proprietary information is critical to the future of any business. Designs, product roadmaps, customer pricing proposals and financial data must all be closely protected. Although this is one of the most important aspects that determine the future of a company, it is one of the areas given the least focus by all levels in most businesses. Company executives need to put the proper level of commitment and focus on the protection of proprietary information.
Michelle Guilbeau is a writer, reviewer, teacher and business owner. She also has experience in school administration, literacy coaching and is proud founder of CraftKitsForKids.com and MichelleGuilbeau.com Michelle enjoys sharing her knowledge of cities, food, travel, education and parenting issues with her readers. Her work can be found on Examiner.com.