In a world where computers are used for virtually all financial and personal transactions, the need to safeguard data is more important than ever. In the Internet age, millions of people are accessing electronic information databases every second. Failure to properly protect sensitive data could open the door to major threats ranging from identity theft to accessing classified information that could potentially harm national security. Security is not the only threat facing data managers. There is also the growing concern for defense against malicious viral attacks and catastrophic data corruption that could easily put a business in a legal bind. While most threats aren't on the level of starting World War III, businesses and individual lives can be devastated by the lack of protection concerning sensitive data. Proper data security techniques can minimize the risk of losing important and private information and should be a top priority.
Due to the importance of data and the often fragmented storage of such, it is vital businesses keep careful account of data and invest in ways to keep business data secure. This often presents a challenge for organizations because if data is breached, corrupted, destroyed or otherwise lost, this can put a company in major jeopardy.
The human element is one of the biggest factors associated with data loss. Human actions account for some of the biggest data loss issues that have occurred. Examples of human actions which harm data are downloading malware, accidental deletes, inaccurate data entries, stolen laptops, lost portable devices and a host of other scenarios.
By taking the time to educate everyone from top to bottom on the importance of protecting data and keeping it secure, people will have a higher degree of awareness and exercise more due care when handling data. Managers should understand they need to terminate access for former employees to ensure no unauthorized entry takes place once employment has been terminated.
Through education and awareness, management can put into place preventative controls to ensure accuracy, integrity and overall security of data. Listed below are some of these controls.
*Establish a Technology Policy
All businesses should develop and distribute a technology policy. At bare minimum employees should be instructed to strengthen passwords, change them semi-frequently and understand proper network and Internet use on company resources.
Once the policy is in place managers should be sure to follow up and enforce it is being followed. They key points addressed in a technology will go a long way in keeping data secure.
*Develop a Business Contingency Plan
While the advantages of business continuity plans are quite obvious, many businesses still do not invest the time, money and resources in developing
a good business continuity plan despite the fact statistics indicate that businesses who suffer a massive interruption or loss of data typically fail within a couple of years if a plan was not in place.
As a strong measure in protecting valuable data managerial decision makers should realize that information security is just an important process as accounting, marketing, sales and other components of a business. While information security does not bring in the revenue, it is the process that ensures the other processes can be completed; if data is lost, then what?
Putting together a good business continuity plan which accounts for data and storage of such is vital.
*Regularly Back-up Data
This is really a part of the business continuity plan, but it important enough to mention on its own too. At the very least companies should invest and plan for good backup of data. This could be through daily, interval or sporadic back-up. The frequency should be determined by an analysis to determine risk and critical level of information.
Transactions such as financial ones, reservations and other timely activities should be backed up frequently; other data such as employee data can afford to be backed up less frequently.
As another proactive measure to keep business data safe companies would be wise to invest in a good firewall and an anti-virus program; also to keep these software programs updated. While software alone cannot protect data as it takes a combination of software, human action and planning, it does help.