Today, we live in a day and age where businesses are continually crippled by data breaches. From the 2014 JPMorgan Chase hack that compromised 76 million households and 7 million small businesses accounts, to the 2015 Anthem breach that exposed birthdates, social security numbers, addresses, phone numbers and employment information from the second-largest health insurer in the US. It’s evident that no organization is safe when it comes to data hacks.
However, data security within any organization can also be improved through new technologies, software defined storage, better training and common sense. It’s important to invest time and money in your data security initiatives in order to not only protect your business but also increase customer service and brand reputation.
Below are five ways organizations, both big and small, can ensure improved data security.
1. Manage who has access
First, as an organization, take inventory of what data every employee may or may not have access to. Determine which employees still need access and which do not in an effort to limit the amount of data access by employees/admins to a small, manageable number. In addition, have your admins determine which type of access each department/employee needs.
According to infoworld.com:
“Credential hygiene is essential to strong database security because attackers often, if not nearly always, seek to compromise privileged accounts to gain access to confidential data. Minimizing permanent privileged accounts reduces the risk that one of those accounts will be compromised and used maliciously.”
2. Know and protect your most important data
If a data breach occurred in the next hour, could you quickly identify your most valuable data? As a company, it’s important to take the time to identify what you consider the most valuable data and work on protecting that first.
Commonly referred as the “crown jewels” of data, this type of data usually makes up 5-10 percent of the company’s data, and if it were compromised, would cause the most damage to the company. Once identified, work on procedures to not only secure the data but also limit the amount of employees that have access to it.
3. Develop a data security plan/policy
Another important strategy when looking to improve data security is developing a data security policy. It’s important to have a plan in place when hacks and breaches occur and a plan that determines which employees need and have access to data, as mentioned above. Thus, these sorts of policies can keep employees in line and organized.
This policy should also be open to changes and edits as amendments will need to be made to match the growing technology innovations and new company policies. By having data access rules that are strictly enforced, the better you protect your data on a day-to-day basis.
4. Develop stronger passwords throughout your organization
Employees need to have stronger and more complicated passwords. Work to help employees develop passwords that are a combination of capital letters, numbers and special characters that will make it much harder for hackers to crack.
A good rule of thumb when creating a new password is to have it be at least 12 characters and to not include a combination of dictionary words, such as “green desk.” All and all, passwords should be unique to employees and difficult for computers to guess.
5. Regularly backup data
Lastly, it’s important to backup your data on a regular basis. In addition to hacks, loss of data is a serious issue, and organizations need to be prepared for the unexpected. As a business, get in the habit of either automatically or manually backing up data on a weekly or daily basis.
Also, make sure the backup data is equally secure from potential hackers. With a strong software program or IT department, it can help businesses fight off potential threats and build business values around the importance data security.
Avoid becoming the next major data breach story by taking action and initiative with your data security and protecting what’s valuable to your organization.
About the Author: Rick Delgado is a freelancer tech writer and commentator. He enjoys writing about new technologies and trends, and how they can help us. Rick occasionally writes for several tech companies and industry publications.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.