If you walked into the office this morning to find that your customer information had been compromised, or a disgruntled employee had wiped a database clean, would you be prepared? Have you set preventative measures in place to safeguard you against total loss? Do you have security features in place to help you retrieve lost data? Are you able to continue with business as usual or would a security breach such as this bring you to a standstill?
It’s a lot to think about, but according to USA Today, approximately 43% of businesses encountered a data breach at some level in the year 2014. With percentages like this, the likelihood of it happening to your business is high. So again, are you prepared? Below are a few signs to determine whether your data loss prevention plan is intact or if your company’s data is vulnerable:
No ad to show here.
1. Do you have the proper software?
Most small businesses will assume that having the basic virus protection on their computers is enough to ward off impending threats. However, the truth is that experienced hackers and even internal employees can steal, delete, or damage sensitive data despite the basic virus protection.
If all you have is a simple software package to protect against viruses, you may want to think again. Investing in more comprehensive software like data loss prevention software can safeguard you against internal and external threats. Such software keeps track of suspicious behavior, blocks access, when necessary and reports it to key personnel so that the issue can be resolved before it becomes serious.
2. Is your sensitive data encrypted?
When you have sensitive data, such as company financials, consumer information and so on, it becomes important to add several layers of protection. If you’re simply saving documents to files that are stored on company computers, this isn’t enough protection. It leaves information susceptible to being stolen and used at a later date.
Encryption is necessary when working with sensitive data. Encrypted documents require a password for someone to gain access. Without this password or encryption key, the document is seemingly useless in that the codes cannot be deciphered.
3. Is all information backed up?
When files are created and software is installed on your company server, is the information being backed up? All too often, businesses make the mistake of assuming that a saved document will always be there. The truth is, if the system was to be wiped out or even accidentally deleted, there is no getting it back.
All companies should back up their data. This way if there is a security breach you won’t have to waste time and money trying to recreate the pertinent information. There are several ways a company can assure their data is backed up. This includes saving everything to a physical device (i.e. a USB flash drive), setting up backup features through Microsoft, or storing all information in the cloud.
4. Do you (and staff) change passwords often?
Passwords are a great layer of protection for companies that utilise software and databases on a regular basis. Creating authentic passwords is one way to ensure they’re not compromised, but changing them from time to time is also advised. If your company passwords are simple to figure out and have been the same for the past five years, you’re leaving company data vulnerable to a breach.
Instruct your staff to switch their passwords at least once or twice a year. You should also remember to change passwords and usernames to accounts of old employees to ensure that they cannot access the information and use it to their advantage.
5. Have your employees been properly educated on security?
Do you have rules, regulations in place as it pertains to data protection and security? If it’s been a while since you’ve had a staff meeting or training on data protection and security, you could be at risk for a breach.
Your employees have access to important information that could easily be compromised (intentionally or unintentionally). In order to ensure that they’re aware of the potential breaches, how to handle information and passwords, and what to do if they suspect suspicious behavior, you’ll need to train them on a continual basis. Training annually, having policies and procedures in a general area and having staff sign off on contracts is a surefire way to keep everyone on the same page.
It’s a digital world we live in. While technologies and software make it easier for us to do business, it also opens the doors for potential threats. If you answered ‘no’ to any of the above questions, you’re not prepared for a possible security breach. Taking preventative measures are necessary, whether you own a brick and mortar shop or an e-commerce site. If you’re not sure where your vulnerabilities lie, consult with an IT professional for a security audit to bring these risks to light.
Feature image: Alex via Flickr.