Your business data is hugely valuable. It doesn’t matter what size of business you are or what sector you’re in. Your data is attractive to cybercriminals. That means you need to secure it well. Here are six tips to help.
Work out what data you hold and where it is
You can only protect what you have if you know what you have and where it is. Given that GDPR has been in place since 2018, you should already be on top of this. If you’re not, then you need to address the matter urgently. If you’re just starting a business, then you should be keeping data control front and centre at all times.
Assess current hazards
In the world of regular health and safety, you start with a risk assessment. This is also the best approach when you are looking at the health and safety of your data. When you first think about securing business data, you may think about securing it from theft by cybercriminals. This is important but it is by no means the only threat your data faces.
Sadly, you also need to think about theft by employees. There’s also the possibility of employees being tricked into giving away data or releasing it by accident. You also need to think about accidental data loss (e.g., drives failing) and data corruption.
Encrypt all data
Managing Director of RoundWorks IT, Luke Watts commented, “At a minimum, encrypt all personally identifiable data. It’s preferable to encrypt all business-sensitive data as well. In fact, the safest approach is to encrypt all data. That way nothing slips through the net. The downside of encryption is that it generally slows data processing. That, however, is a small price to pay for the security it offers.”
Encrypting your data makes it useless to cybercriminals. That is your best protection against the reputational and financial damage data theft can cause.
Backup your data
You need two backups of your data. Your onsite backup helps you recover from errors such as accidental deletions (or updates gone wrong). Your offsite backup helps you recover from more critical incidents such as cyberattacks. Both backups should be regularly updated and, like your live data, both should be encrypted.
If you’re working in the cloud, then the automatic backups most service providers offer count as your local backup. You still need an offsite backup in another location. It’s fine if this is another cloud. You just need to be sure that there is no chance of disruption to one service leading to disruption in the other.
You also need to be sure that you can actually restore from your backups. Check this periodically by going through the full restoration process. Never take it for granted that your backup process will just work. It probably will but you need to be absolutely sure.
Archive and delete data promptly
Your production storage should only hold data you are actually using. Anything else should be archived or deleted. If data is archived, then it should be deleted immediately it is permissible to do so. Ideally, this process should be automated. This will reduce the scope for human error and reduce the workload for human staff.
Archiving and deleting data promptly will minimise your exposure to data theft. As a bonus, it can also help to reduce your costs.
If you are in the cloud, there is a direct link between the quantity of data you store and how much you are charged. The speed of your storage also helps determine the cost. This means keeping data in production rather than archiving it will cost you more.
Even if you’re not in the cloud, buying storage you don’t need will still add to your costs. If you’re using network storage, you’ll also need to think about the cost of electricity.
Implement robust IT hygiene
If you don’t know what robust IT hygiene means, then enlist the help of a managed IT services provider. They can take care of the technical practicalities. They can also often help with training your staff. If they can’t do it themselves, they can generally refer you to someone who can.
Luke Watts is the director of RoundWorks IT, which are specialists in managed IT services, including, backup and disaster recovery, cyber security and more for businesses across East Midlands.
Post articles and opinions on Nottingham Professionals
to attract new clients and referrals. Feature in newsletters.
Join for free today and upload your articles for new contacts to read and enquire further.