Protect your data: Top ten “need to know” tips

By Admin
With breaches happening on an almost daily basis, it's critical to establish rules and processes to keep your data safe and secure. The following ti...

With breaches happening on an almost daily basis, it's critical to establish rules and processes to keep your data safe and secure.  The following tips, designed to help you build a sustainable path towards data security, were inspired by the FTC.

Don’t Make Security an Afterthought

Think before you collect.  Is it necessary and does it add value to capture personal, sensitive information from your customers and prospects?  Or does it just open up additional risk?  If you absolutely need to collect sensitive information, don’t hold on to it longer than necessary.  Set an “end date” and follow through with securely destroying the info.  Security shouldn’t be reactive but proactive.

Stay In Control

If you need to hold on to sensitive data (it’s a business must), then how do you keep it safe from prying eyes – both inside and outside your organisation?  Answer: limit access.  Does your summer intern need wide-open access to corporate IP to do her job?  Probably not. Implement a system for periodically reviewing entitlements to ensure people only have access to the information they need. Your auditors will thank you.

Passwords and Authentication, Please

You’ve got sensitive data and want to keep it safe. Requiring complex passwords (by the way, “password” is NOT complex) that include multiple elements (caps, numbers, minimum characters) and changing them on a quarterly basis makes it hard for hackers.   Even better: require two-factor authentication, disable access after a specific number of failed login attempts, and protect against authentication bypass to really “up” the proverbial ante.

Share It Securely

Sure, your internal network is secure. But what if you need to share your data outside the firewall? One way to do this securely is with a data file sync and share solution that works with your existing permissions and authentication infrastructure.

Who’s Knocking on Your Door?

Do you know who is accessing what computer at all times?  Probably not. So protect yourself – and your sensitive data – in a separate, secure place on your network.  Limit access. Even better, continuously monitor your file access activity with a solution that makes it easy to see and address suspicious, unusual behavior before it’s too late.

Remote Control

Isn’t telecommuting great? It allows employee freedom and increased productivity. But it can be a security nightmare. The key idea is to allow remote connections, but restrict the ability to re-login to other desktop and servers. We really want to make it difficult for hackers to leapfrog around your network. This can be accomplished by enhancing security of the Remote Desktop feature in Windows. You can read more about how to do it here. 

Keep It Under Wraps

Is your organisation developing a hot new product or solution? Have you thought about how your customers will use it and whether it needs to be secure? Make sure your developers are up to scratch with Privacy by Design principles, and the latest best practices in safe coding. In addition, know thy platform security guidelines – no need to recreate the wheel. Finally, testing is key!  While not every threat can be anticipated, testing for common vulnerabilities ensure security at the gate.

Who’s Got Your Back?

You probably work with service providers and other contractors. But do they share your passion for security? Make sure your standards are being met by including your security requirements (for example, encryption, two-factor authentication, data retention limits) in contracts and service-level agreements. Remember to stay active and always monitor your controls to ensure that your security expectations are followed and your users aren’t inadvertently exploited.

Make a Plan, Stan

You’re secure – for now.  Unfortunately, security isn’t static and so to remain compliant you’ll need to stay on top of your systems and technology.  This means making a plan that includes monitoring third party software, performing updates, and faithfully implementing patches.  In addition, pay heed to security warnings and notifications!  Develop an action plan! If a vulnerability has been exposed, be proactive and take the steps necessary to protect your data!

Physical security

Network security is critical. But what about computer hardware, as well as paper files and all the miscellaneous stuff that makes up a typical office environment? Does your company have a security policy for the non-virtual world? Rule #1: keep important papers and other physical IP in a secure place (locked file cabinets, secured server rooms, etc.).  Laptops should have secure-login and hardware-level password protection set. What about old computers, servers, tapes, and disk drives?  What may appear as trash to you could be a gold mine to hackers.   


Featured Articles

Manufacturing LIVE heads to Chicago in 2025

Manufacturing LIVE expands into in-person events, heading to the US with its sister events P&SC LIVE and Sustainability LIVE

What to see and do at GSMA MWC Shanghai 2024

At the 2024 GSMA MWC in Shanghai, guests will learn more about the future of 5G and IoT, as well as the role of mobile connectivity in manufacturing

EV Recycling Driven By Tata Steel, Nucor and Dowa Holdings

Market projected growth for EV recycling set to go from US$551bn in 2024 to US$768bn by 2029 with Tata Steel and Nucor embracing ferrous metal recycling

Brooke Weddle: Manufacturing Needs A Rebrand

Production & Operations

Immensa and Intaj Suhar partner to boost Omani manufacturing

Procurement & Supply Chain

Bain & Company Report: OEMs and Digital Transformation

Smart Manufacturing