The recent high profile hack of the Ashley Madison database released some particularly sensitive information, the names of members of a dating site established for married people to facilitate affairs.
Naturally the backlash has been enormous, with many lives seriously affected. Embarrassment, divorce and job loss have resulted. Another major impact of this has been the growing concern about information security. The hack has got everyone talking about just how safe our information is when we put it out on the web or serve it up to companies online.
If there’s anything we can all learn from this, it’s that businesses of all varieties need to put in place robust security measures to protect their sensitive data. You may not be handling information of that level of sensitivity, but you have a strong responsibility to protect the data entrusted to you by customers.
Here are a few tips on good data security measures that every company should try to uphold:
Be wary of physical security
Data security is also about keeping your physical environment safe from threats. Change the key-code or door-lock combinations regularly so only those authorised have access to your office or workplace. Institute a policy of access logging, so you know who’s where at what time.
Have defense mechanisms in place
According to the business insider, a firewall is a must. A good firewall will protect your information by controlling internet traffic coming in to and flowing out of your business. Antivirus and anti-malware software are also essentials for your online security, in case you are the victim of an attempted hacking.
Check up on things as much as possible
Perform background checks on personnel who you intend to give access to sensitive data to, including third-party contractors who might handle your data.
Encourage personal responsibility among employees
Make sure it’s clear that all employees must play a role in data protection. There should be certain information with restricted access for management, but further to this, employees need to have their own individual username and passwords. Strong passwords are recommended, which contain 8-12 characters and include numbers as well as uppercase and lowercase letters.
Employees should regularly change their passwords, and never share them with anyone inside or outside the organisation. Also, ensure employees are responsible for their work laptops and mobile devices. As they are portable, they can be a higher risk of theft, and therefore should also have a remote wiping function.
Don’t forget backups
It’s important to have your information backed up somewhere and to backup regularly. However, data security needs to be controlled wherever data is stored. Make sure all of your backups and archives are secure, as well as the process of performing recoveries and backups.
Only work with organisations that prioritise data security
Sharing your data, or the data of your clients can at times be unavoidable, especially if you are a marketing agency or anyone who regularly conducts business with the data of other companies.
Make sure any communications companies you work with, or services you use to conduct business, are like-minded companies with strong data protection strategies in place. There are a number of key indicators of information security conscious organisations, including qualifications such as ISO27001.
Of course, this is just the tip of the iceberg. There are lots of practices that can help keep your information secure. If you’d like to learn more about data security, or communication, get in touch today on 1300 764 946.