Cybercrime incidents are snowballing, and no business, small or large, is invulnerable. The rates of attacks rise and so does the price tag on recovery, which includes financial losses, reputation and operational capacity.
Combine this with new European compliance responsibilities in the GDPR (General Data Protection Regulation) for US multinationals in their privacy incident reporting, and it's no wonder that a lot of us are desperate for a basic yet concrete plan to address data security issues.
[Cyberhub Summit is Coming back to Atlanta, Ga | October 9-10, 2018 - Cyber Security education for executives and business owners and Powerful Networking. | Get the latest from Cyberhub Summit by signing up for their newsletters. ]
With this in mind, we have created a basic 5 step guide to making data less vulnerable. Take a look and incorporate as many steps as you can into your own data protection strategy.
Take an Audit and start categorizing
Recognize the type of data you possess and identify where you are storing it. Before you can build a significant line of cyber security defense, you have to know where to start.
If your data is stored in the cloud, on your hard drive or in emails, encrypted files etc., you will need to be able to identify the potential vulnerabilities of each area. This in turn will help you define your organizational risk/level of exposure and prioritize what is more important, (which one you will be more willing to invest more time and money into).
Focus on the details
Your plan should begin and end with the data you are trying to protect.
Rather than focusing on the security of your phone or laptop, think of protecting info first and then work outward.
So, start with encrypting the most important identifiers on your personal data that could lead to identification in the digital context. These are wide ranging but think Passwords; IP Addresses rather than more obvious bank details and credit cards.
Get Data Backed up
This involves making copies, sometimes on a daily basis and storing these backups in differing locations. Lifewire recommend five different ways to back up your data including storing data in: The Cloud; On an External Hard drive; Burned to a CD, DVD or Blu-ray; USB or NAS device. The cloud storage usually provides end-to-end encryption with free storage and reasonable prices for additional storage. The big names in Cloud services are iCloud, Google Drive; OneDrive and Dropbox.
External hard drives connect to the laptop or computer and are easy to use, you can also schedule a backup. Burning to a CD, DVD or Blu-ray is reliable and used to be very popular, it's far less popular now because it is so slow and who has a CD drive now anyway?
USBs are everywhere, they are small, cheap and they provide a semi-durable solution to your storage needs. Finally, NAS (network attached storage) is a server that can display as another device drive on your computer, effective but expensive.
4. Install a Gatekeeper
Antivirus software is the "gatekeeper " for your devices, it protects your systems from incoming malware threats and searches through your system with scans to look for viruses and worms. The Antivirus must be able to keep up to date with continual changes in the threat landscape, so don't hesitate to update.
At the same time, implement a firewall. This is a hugely important system that safeguards you against a number of security dangers, prevents the spread of malware and alerts and prevents unauthorized access to your device. Yet again, keeping your firewall up to date is critical.
5. Use strong passwords
This is always on the list of security measures. Getting a particularly strong password will prevent many cyber-attacks. Adding multi-factor authentication onto your passwords, although slightly inconvenient will simply strengthen this.
This model should be extending to manage user accounts, where you guard over your clients' details by restricting staff access. If you configure the system, so that only pertinent staff can access relevant issues, clients will feel safer and you will be improving data security.