Threats to your data security can arise from both outside and inside your organization, and can occur through broad-targeted bot attacks as well as direct, malevolent activity from ex-employees, disgruntled customers, or hackers. Protecting your financial data and your clients’ personal information from identity theft is becoming more necessary as even large companies are being breached. Fortunately, protecting a small business is cheaper and more manageable than securing the giants. Here are some tips to keep your data secure.
1. Limit Physical Access to your Data.
Locking your server and data storage inside your office might not be enough. We recommend further locking it down – a lockable ventilated closet is a great place to have your server reside. If a closet isn’t available, a physical metal brace can be fastened to a desk. Ideally, your server should be under lock-and-key with only a couple of employees holding the key.
2. Change Your Default Passwords.
This may sound obvious, but many times this simple step gets overlooked. PC and Server passwords are easy to change – but take a look at your router and modem passwords as well. Many major suppliers send network equipment out with a default password which is the same for each device, creating an entry point into your network which is often overlooked. Step one on a new router or modem installation should be to change the default password on the device.
3. Encrypt Your Data.
Data encryption is a must-have of any office with medical, financial or client data. The biggest threat comes from lost or stolen USB or external hard drives used as backup media. Your entire database of information can be reduced to a small, 2-inch device – so, make sure the device supports encryption. Workstation data can also be at risk – documents created in e-mail, Excel, Word, or any other third party app by you or your employees will not be encrypted by default. Finally, e-mail encryption is an affordable service which ensures point-to-point encryption on your sensitive e-mail communications.
4. Update Your Software.
Windows and Mac OS security patches are released regularly. We recommended automating updates to occur off-hours. However, it doesn’t stop with your operating system; Java and Adobe Flash have been known to have security issues and frequently patch security threats, and any data management software used is likely to also have vital updates. If you have more than a handful of PC’s and employees, train them to run these updates – or add the responsibility of third-party patching to an I.T. maintenance contract.
5. Conduct a Security Audit.
If you do not know where your database resides, or don’t have a clear picture of how data moves around your network, then you probably can’t secure it. Having a professional audit your network infrastructure is a good way to determine weak points in your network. Additionally, network scanning software can be used to document vulnerabilities, and produce before- and after-pictures of networks undergoing a security overhaul.