There are two main ways you can lose data or face a breach, deliberate and non-deliberate.
Deliberate attempts to breach data or data loss typically come from criminals who have focused their attacks on cyber security or your own unhappy employees. As a business owner it's important to be sure that your data is secured from those who may want to access it for nefarious reasons. Here are a few steps I suggest taking:
- Install a firewall and get it professionally managed. Whether you have someone on your own staff you trust to manage blacklisting and whitelisting or you want to outsource it to an IT company, be sure that you're going over regular reports of this activity.
- Set up stringent permissions to your network. Not every employee needs the same level of access, and those who operate outside of the office should have a "kill-switch" to terminate their remote access immediately should the need arise.
- I know you've heard it before, but you NEED to have robust passwords. They should be difficult to guess and I highly recommend forcing your employees to change them every 90 days.
- Train and educate your staff on cyber-security.
- Be vigilant and exercise caution! Spam filters don't catch everything, never open an attachment unless you're 100% sure it's safe.
Non-deliberate data loss or breaches can arise from hardware failures or lack of software, such as anti-virus and web protection. All hardware eventually fails. Be sure you have backups in place to minimize downtime and try to replace hardware regularly. Software also requires regular maintenance and updates. The following can help you avoid downtime:
- Always have up to date anti-virus, run scans and keep it up to date. Web protection offers an extra layer of security to your terminals, which can block certain websites or malicious websites.
- Back up PCs and Servers remotely.
- Keep computers and servers in safe environments. Make sure that they are being maintained by someone who's experience and expertise you trust.
- Ensure devices owned by employees are secure and protected, and if they leave the company or lose the device, you can lock down data easily. Any device accessing your network is a risk. If employees are accessing the network from their own devices consider implementing security standards for those as well.
Budgeting your data security for 2017 can be a daunting task. Managed Services is an affordable solution to meeting your compliance and security needs at a consistent flat-rate. You can contact me at firstname.lastname@example.org for a free network evaluation. Let me help you fit data-security into your budget.