Top Ten Ways to Reduce Your Risk of a Data Breach:

September 2, 2015  by Alex Chesko

cyber liability
It seems like every week brings news of another major company getting hacked and compromising the personal data of thousands of customers.  Cyber crime is one of the fastest-growing criminal activities in the world.  While it may be nearly impossible to completely prevent a skilled criminal from breaching your system there are some very simple things you can do to drastically reduce your risk of experiencing such an event.  

Here are our top ten ways to reduce your risk of a Data Breach:

1. Conduct a top-down risk assessment. Identify what data is collected, what is needed, who can access it, how it is stored, disposed of, and monitored. Consider a consultation with a credible IT security firm to assist with this assessment. Make sure you’re only storing the data you need, and that it is only accessible to employees that need it.

2. Encrypt your data. Data should be encrypted while on-site, off-site, and in transit. Encrypting all drives & devices, as well as email transmissions greatly reduces the risk of that data being compromised. Encryption is probably the item on this list that can have the greatest impact on reducing your risk.

3. Make sure all of your software/operating systems are up to date with the most current security updates & patches. This closes many of the doors opportunistic hackers seek to exploit.

4. Back it up! Creating daily on & offsite backups can give you instant access to uncorrupted data. It can greatly reduce downtime after a breach event and can help security experts pinpoint exactly when a breach occurred.

5. Make sure mobile devices can be wiped remotely if lost or stolen. There are also several apps that allow you to locate a missing or stolen device through the use of GPS.

6. Immediately deactivate network access upon termination of employment. This should be a no-brainer but a surprising number of breaches occur every year because a disgruntled former employee still had access to the company network. 

7. Require all users to change their passwords regularly. Make sure your password requirements include a mix of upper & lowercase letters, numbers, and special characters.

8. Securely shred any paperwork that contains sensitive data. Make sure the dumpster outside your office doesn’t become a buffet of information for data thieves. Any documents that contain personally identifiable data should be shredded.

9. Educate your staff on data security. When an employee is educated on how to keep customer data secure and avoid obvious phishing scams and malware you can effectively reduce the chance of a breach event. Foster a culture of data security awareness.

10. Secure a Cyber Liability policy and have a Data Breach response plan in place. Knowing exactly what to do and who to contact when a breach is discovered can reduce downtime, reduce your legal liability, and help you avoid costly fines & penalties. The right policy can mean the difference between a successful recovery and closing your doors for good.