• some image

ACS Data Security Solutions

  • some image

Six Essential Processes for Keeping Data Secure

by: Christine Andrews

What is Data Security?

Data security refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. Data security includes data encryption, tokenization, and key management practices that protect data across all applications and platforms.
Data is one of the most valuable assets a business has at its disposal, covering anything from financial transactions to important customer and prospect details. Using data effectively can positively impact everything from decision-making to marketing and sales effectiveness. That makes it vital for businesses to take data security seriously and ensure the necessary precautions are in place to protect this important asset.

  • Know exactly what you have and where you keep it
  • Train the troops
  • Maintain a list of employees with access to sensitive data – then minimize
  • Carry out a data risk assessment
  • Install trustworthy virus/malware protection software and run regular scans
  • Run regular backups of your important and sensitive data

Know exactly what you have and where you keep it -

Understanding what data your organization has, where it is and who is responsible for it is fundamental to building a good data security strategy. Constructing and maintaining a data asset log will ensure that any preventative measures you introduce will refer to and include all the relevant data assets.

Train the troops -

It is crucial to ensure your staff is aware of the most common and destructive mistakes are due to human error. For example, the loss or theft of a USB stick or laptop containing personal information about the business could seriously damage your organization's reputation, as well as lead to severe financial penalties. It is vital that organizations consider an engaging staff training program to ensure all employees are aware of the valuable asset they are dealing with and the need to manage it securely.

Maintain a list of employees with access to sensitive data – then minimize -

Sadly, the most likely cause of a data breach is your staff. Maintaining controls over who can access data and what data they can obtain is extremely important. Minimize their access privileges to just the data they need. Additionally, data watermarking will help prevent malicious data theft by staff and ensure you can identify the source in the event of a data breach. It works by allowing you to add unique tracking records (known as "seeds") to your database and then monitor how your data is being used – even when it has moved outside your organization's direct control. The service works for email, physical mail, landline and mobile telephone calls and is designed to build a detailed picture of the real use of your data.

Carry out a data risk assessment -

You should undertake regular risk assessments to identify any potential dangers to your organization's data. This should review all the threats you can identify – everything from an online data breach to more physical threats such as power outages. This will let you identify any weak points in the organization's current data security system, and from here you can formulate a plan of how to remedy this, and prioritize actions to reduce the risk of an expensive data breach.

Install trustworthy virus/malware protection software and run regular scans -

One of the most important measures for safeguarding data is also one of the most straight forward. Using active prevention and regular scans you can minimise the threat of a data leakage through hackers or malicious malware, and help ensure your data does not fall into the wrong hands. There is no single software that is absolutely flawless in keeping out cyber criminals, but good security software will go a long way to help keep your data secure.

Run regular backups of your important and sensitive data -

Backing up regularly is often overlooked, but continuity of access is an important dimension of security. It is important to take backups at a frequency the organization can accept. Consider how much time and effort might be required to reconstitute the data, and ensure you manage a backup strategy that makes this affordable. Now consider any business interruption that may be incurred and these potential costs can begin to rise quickly. Remember that the security of your backups themselves has to be at least as strong as the security of your live systems.

Christine Andrews is managing director of data governance, audit and consultancy firm DQM GRC. as seen in ComputerWeekly.com published July 2016