Data loss can encompass both physical data and electronic data, and can be caused by a number of factors. Generally speaking, there are three types of data an organisation holds. These are:
- Customer or user information such as names, addresses and other personally identifiable information about a person
- Operational information such as business processes or information about staff
- Intellectual property related to products, services and ideas
It is vital you have a strong information security strategy in place to ensure you protect all of your data and protect your organisation against unrecoverable damages.
Information security refers to the protection of ALL data, and should not be confused with cybersecurity that purely protects computer based data. Although cyber threats are increasingly gaining airtime in the media, there are still a number of other factors that can cause data loss. The sources of damage will usually fall into one of three categories: internal error, mechanical failure or external attack.
The sources of damage will usually fall into one of three categories: internal error, mechanical failure or external attack.
How to protect against an internal error
You need to ensure you promote a security culture and that employees appreciate information security is everyone’s responsibility. The top tips you should encourage your staff to follow to keep information secure are:
- Don’t make data visible for others i.e. on walls facing windows or content left on a printer
- Never share or write down your passwords
- Don’t let people without ID or a pass through the door without questioning
- Lock your computer screen when away from your desk
- Keep your desk tidy
- Dispose of information correctly such as via a shredder
How to protect against a mechanical error
It is vital that you ensure measures are in place to backup all data. A single point of failure when storing information about your customers, your business or your intellectual property simply isn’t good enough in an age where we rely so heavily on technology. A policy with robust backup procedures is imperative to ensure you protect against data loss through mechanical fault.
How to protect against an external attack
External attacks can take a number of forms, such as phishing, spam and DDoS attacks, to name a few. Appropriate security measures should be taken to detect and prevent unauthorised access to data.
The human factor is usually the most dangerous part of an external attack, as employees are often unaware that they could be opening harmful malware files or creating a gateway for criminals to extradite important company information.
It is therefore important that you combine staff training and awareness with a powerful security solution. The use of web filtering, perimeter firewall, anti-malware and intrusion detection builds a complete protection package that starts to make infiltration of your network more difficult for cyber criminals. Usually they prey on weaknesses within a network or system and therefore by proactively implementing a robust security solution, you’re warning the cyber criminals to go elsewhere.
Unfortunately, data loss is part of everyday life. We regularly throw away bills or statements without disposing of the sensitive information correctly; people lose bank cards or driving licences; and we often unknowingly enter our personal details into unsecure websites. Organisations must take on the responsibility of educating employees on the importance of information security in order to protect their employees in their personal life but also to ensure that operationally, the data they collect and use is protected.
For more information on how Smoothwall can help to provide you with a complete end to end security solution, click here.