A Guide for the Prevention of Data Theft
Photo by dragon_fang - yayimages.com
In a previous article, we discussed some safety measures businesses can take to avoid cybercriminals from invading their servers.
A study from IBM tells us that in 2015 an average data theft loss exceeds 3.8 million dollars which is 23% more than the year 2013. Even with such momentous losses, many organizations are still not on their guard when it comes to protecting their data assets.
When it comes to data breaches, there are two types: the ones who haven’t suffered any instance of data theft and the ones who don’t know what it is. The crux of this deduction is that preemptive measures to prevent data theft are almost non-existent in the industry.
With that said, we will outline a preventive guideline for any case of data theft so you can protect your business from some irreparable, non-tangible yet significant losses.
Prevention Tips for Data Theft
There are some additional general prevention measures that should be taken to protect your data from any security breach.
Dispose of Hard Copies
Let’s start with the protection of an old medium to carry data i.e. paper. Even though things have been digitized for a long time now, in many business transactions, data still transmits in hard copies e.g. mail, credit offers, invoices etc.
For such information that is no longer in use and not part of recordkeeping, shred it as soon as you are done with it. The information on these papers might not be useful for you anymore, but it can be exploited by data thieves in many ways.
Depending on the industry you are employed with, your business might be subjected to government regulations that would make the process of securing hardcopies and electronic data mandatory. The health care industry has gone through a significant revolution in data safety. No more can physicians write hard copy prescriptions and all health information is now kept securely via digital means, called Electronic Health Records or EHR.
Prioritize the Significance of Data
While we are emphasizing the protection of data, it should also be understood that not all of it is of equal significance. Therefore, assessment of the importance of data should be carried out according to the company’s nature of the business. External data auditing firms can help you assess the data that you want to protect the most.
Restrict the Free Flow of Data within the Company
According to a report from InfoSecurity Magazine, more than 40 percent of the cases of data thefts are instigated by the people from within the company. These cases of inside thefts usually happen when the flow of information and data inside the company is not bound to restricted channels and where employers are putting too much faith on their staffers.
In order to restrict the flow of data within the company. Set up an environment where only relevant employees have access to a certain type of data. For instance, pricing information should only be accessible to the employees responsible for sales. Project and operational management don’t have anything to do with this information. With limited access, it will also be easy to identify the culprit in any case of data theft.
Implementation of Strong Passwords
Protecting the hardware of your company through strong passwords is the protective measure. A password of at least 12 characters, including capital letters, numbers and special characters is the recommendation for strong passwords. In addition, changing your password every 30 or 40 days is also recommended.
Protection of Your Wifi Network
Where hotspots have made things more convenient in life, this supple use of wireless technology has also made it very easy for criminals to breach into a network. Companies usually have many devices connected simultaneously to their Wi-Fi networks. These wireless networks can easily be manipulated to get access to the online traffic of the company to steal any valuable data stream.
When in an environment where you have access to a public wifi, do not, under any circumstances connect to any website that requires you to log in and never enter any private information even if you are not connected to the cloud.
In the times where aptitudes of lawful developers and cybercriminals have become neck and neck, cracking passwords has become a regulation job. Therefore, more companies are adopting multi-factor authentication.
You may have experienced this multifactor authentication while setting up a Gmail, Facebook or some other social media account. You can also make two-factor authentication obligatory in your company environment for the protection of your data from online threats.
Apart from these measures, some policies should also be outlined to protect your data from thieves.
Clean Desk Policy
This data protection policy has been in place for many years, but it is hardly ever practiced. Clean desk policy entails that every employee must exit the workplace without leaving any document and other pieces of information on their desks. You should also ensure that your desktop or mobile device locks out after a period of time. Depending upon your work environment, it should be anywhere from 5 - 15 minutes.
Use of a Personal Device
Employees and visitors oftentimes bring their personal devices to the premise of organizations. Try to set up a separate 'guest' network to facilitate all external devices. Implement and practice strict policies with the use of external devices so that your central network remains protected from any unwanted consequence.
Social Media Usage
Social media has become the biggest reality of modern human life. It has now become an inseparable part of everyday activity and also a den of online criminals. Therefore, you must protect your business from the shenanigans of social media. According to experts, many data breaches originate from the overly shared information on a different social media platform.
Thus, make sure that your employees use social media sensibly. You can arrange workshops to guide them further with the safe use of it. With all of this, you must also implement strict social media policy to deter the unproductive and sometimes harmful use of it on your premises.
You may also want to take a look at our article on data hacking prevention by fooling the cybercriminals. Essentially, utilizing the same techniques that they use. By acting upon these preventive tips and with the help of experts, you can create a protective environment to considerably diminish the chances of data theft.
Posted On June 16, 2018