October 9, 2019
by Monserrat Toledo
Long-time ago, epic thefts started with big elaborated plans that aimed to gain access to the vault. Nowadays, you just need a little bit of data to cause the same amount of damage. That’s the reason why you need to shelter sensitive data that your company keeps because if they get exposed it can cause serious damage.
Your data may be exposed in multiple ways:
An employee accidentally leaves a flash drive on a cafeteria table. Hours later he returns to get it, but the drive with hundreds of important personal information is gone.
A worker throws away a bunch of old company bank records into the trash, where a criminal can find the after office hours.
A thief steals files and computers from your office after entering through an unlocked window.
Every single one of these situations can put your company in danger, that’s why we leave you this post with some tips that can help you reduce your risk to experience a leak of information.
When paper files or electronic devices contain sensitive information, store them in a locked cabinet or room.
When records or devices contain sensitive data, allow access only to those who truly need it.
Remind staff members to put paper files in locked file cabinets, log out of their network and applications, and never leave files or devices with sensitive information unattended.
Keep track and secure any gadget that collects sensitive client information. Only keep files and data that you really need and keep control of who has access to them.
A breaking in, a lost laptop, stolen smartphone or misplaced flash drive, All can happen due to a physical security breach. But it is less likely to end in a data breach if the information on those devices is protected. We will show you a few ways to do that:
Demand passwords that are long, complex, and unique. Make sure these passwords are stored securely too. Consider using a password manager.
Require multi-factor authentication in order to access areas of your network that contains sensitive information. This needs additional steps further than logging in with a password – like a temporary code on a smartphone or a key that’s introduced on a computer.
Limit the number of incorrect login attempts allowed to unlock certain devices. This will help to protect you against intruders.
Encrypt portable media, including everything that contains sensitive data, like computers and thumb drives. Do it with every sensitive data that you send outside of your company, for example to an accountant or a shipping service.
Incorporate physical security to your regular employee training and communications program. Remind employees to:
Always shred documents that contain sensitive information before you throw them away.
Use software to erase data before donating or getting rid of old computers, mobile devices, digital copiers, and drives. Don’t ever rely on just “delete”. The reality is that it doesn’t actually remove the file from your computer.
If you need a guide on how to do it, here is a link for you.
Keep security practices even if you are working remotely from your home or on a business trip.
Every single member of your staff should know what to do in case equipment or files get lost or stolen, including who they have to notify and what to do.
If you still don’t have one but you want to start building it, check this link so you can prepare one
Even tho this post is about something that may seem old fashioned, it’s an important aspect that shouldn’t be put to the side if this subject is already taken care of in your company, we invite you to keep reading the post that we will be publishing during cybersecurity month.