Over 78 percent of business and organizations have had their data breached in 2010 and 2011, according to a Ponemon Institute Study. Even with the advent of new security programs over the last year or two, companies still continue suffering data breaches. Insiders, negligent employees and hackers may all pose threats to data security and integrity.
Data may be breached in many ways, not just electronically. Types of security risks include yourself and your employees, too. Creating an informations security risks list may help you prevent or at least minimize data breaches that are caused by humans. Data may be breached in several ways, including:
Theft by those who have access to any sensitive data at your business. Insiders who may have a grudge, former employees and criminals will steal information to make money off the sale of that information.
The loss of media through inadvertent exposure is another common way to experience a data breach. Ensure backup tapes and disks are in a locked storage facility. Put tracking devices and secure laptops with difficult security codes or fingerprint recognition in the event that they get left behind in public transportation or on a plane.
Neglect is a major concern that comes in the form of old computers being recycled or sold. Even if you delete the information on the hard drive, it is still accessible unless it has be properly erased. With just a few tools, deleted data may be restored. Plus, keeping data on the computer without properly password-protecting and encrypting it leaves your information open to hackers.
Always consider that anything and anyone could be a risk, including you, your most trusted management, employees, IT security risks and other top information security risks such as paper documentation not properly stored or disposed of. Company data breaches not only threaten your customers' information, but it also threatens the livelihood of you and your employees. If the breach is severe enough, it could affect your entire company.
According to Thycotic, 87 percent of business owners use a personal cloud account or personal email to upload work files and 51 percent of companies' senior managers take files with them. Your company should provide regular information security training and have a strong written security policy in place. The security policy needs to include password protection policy.
Not only is digital security important, but security for physical documents is also important. Sensitive files should be locked up. When it's time to discard those files, they should be in a locked box that will go to a shredder such as Carolina Shred. Often, people spend a lot of time and energy on digital security and forget about documentation security.
Employees and managers alike should keep their desks clear of documents, especially sensitive documents. As soon as you are finished with a document or notes that you do not have to keep, it should go into a locked shredding bin. When it's time to clean out the files, those that you no longer have to keep should go into the locked shredding bin. In addition to the bins being locked, they should be kept in a locked room away from janitorial staff and other non-authorized people.
Don't forget about other office equipment. Fax machines store information and should also be password protected, especially if they are attached to the server. Keeping a secure file exchange program also helps with IT security concerns.
If you do not have a secure shredding system, contact Carolina Shred to set up a consultation. We even shred hard disk drives, USB drives and other media, which can be some of the greatest IT security concerns facing businesses today.