Few things are publicized as quickly as data breaches these days. Unfortunately, it seems every few days another company makes the news with reports that its customer data may have been stolen. At Cloud Carib, we have an impressive array of security options for our customers to choose from, but an organization’s data is only ever as safe as the staff keeps it. Hacking threats are only one type of security breach that companies need to be aware of. Let’s look at how your staff can play a key role in protecting customer data.
Know What Data Needs Protecting
In any organization regardless of industry, all data can essentially be categorized three ways. Public data such as general company info can basically be handed out to anyone without much of a threat. Confidential data would be anything that only employees of your company should have, like customer lists for instance. Then there’s restricted data. This type of data should only be seen by certain departments or perhaps only a few key people inside a department, such as customer account numbers. Make sure all data has been broken up and placed into one of these three categories.
Train Your Staff
Your employees are the ones who will be handling and potentially sharing all three types of data. When it comes time for security training, be sure to cover more than passwords and locking computers. Everyone in an organization needs to understand the three types of data and what the security protocols are for each.
Restricted Data Must Be Encrypted
Corporations do a good job of encrypting data on their own servers, but it’s not uncommon for the staff to save frequently used data somewhere more convenient for them to access, like their desktop PCs or mobile devices. Make it policy that all restricted data must be encrypted anywhere that it is saved, including in the cloud. Encryption adds another layer of protection. Make sure employees are comfortable using and saving encrypted data.
Secure and Track All Mobile Devices
This doesn’t just go for smart phones, but includes tablets, laptops and flash drives. Even CDs and DVDs if they are still in use in your organization. Basically, if data can be saved to it and it can leave the building, you need to know who has it and where it’s going. Keeping data encrypted will help in the event that something is lost, but you can’t ensure encryption is happening if you aren’t tracking employee usage of these items.
A lot of time and energy is spent making sure network and cloud systems are secure, and it should be. We spend a lot of time protecting from an outside attack, but it can be just as important to look at these on-site security risks as well. Keeping all employees accountable to these four tenants will go a long way to ensure a data breach doesn’t happen from the inside.