We’ve discussed the costly impacts of a data loss in Where’s Your Data? and began talking about a Cyber Breach Response plan last month. Additionally, future Tips will provide more detail on how to protect your business from problems, hassles, and lawsuits. Once you have identified a risk, the first risk management step is always prevention.

  1. Prevention:

There are two major areas to focus your attention on if you want to prevent the costs and hassle of a data breach: employees and passwords. Most business owners don’t realize the importance of these very fixable flaws.

A recent IT Managers survey surprisingly reported 78% of data loss came from negligent and careless employees who were not following company policies. Personal devices and cloud storage all had significant and negative impacts.

Action

  • Employee policies, training, reminders, and enforcement are where you should start.
  • Brainstorm about how mistakes happen, such as, email auto-fills and other recent hacking attempts employees have seen.
  • Beware of “free” offers and strange emails from “friends.”
  • Discuss personal email received on company computers – this and social media messages are how phishers get into corporate databases.
  • Make sure everyone understands how mistakes can be disastrous.

Weak and shared passwords were the second biggest culprit.

Action

  • Again, employee policies, reminders, and enforcement are needed.
  • Automate that passwords must change every 90 days.
  • Mandate “strong” passwords – use available websites to test strengths.
  • No sharing! Ever!

Additional protection tactics:

Action

  • Regular, automatic software updates.
  • Segregated databases with passwords and encryptions for sensitive data.
  • Regular virus and malware updates, and complete scans.
  • Robust firewalls – both hardware devices and software.
  • Highly protected office Wi-Fi, and policies about use in public areas.
  • Automatic offsite back-ups – real-time/daily/weekly.

Resources =

Call Charles for a no obligation discussion about your concerns and questions.