Protect Your Data from Loss
While most business leaders understand intellectually that there are risks associated with digital data, many adopt an “it-can’t-happen-to-me” approach and fail to take steps to address it.
However, digital risks, including cyber attacks and data loss, can happen to any company at any time, regardless of size.
For example, earlier this year Living Social, a major daily deal site, fell victim to an attack that affected more than 50 million users whose email addresses, passwords and personal information such as birth dates were compromised.
Even small businesses are at risk, and thousands of businesses are impacted each year. “Many people mistakenly believe that building business resilience involves preparing for the worst-case scenario,” says Donna Childs, founder and chief executive of Prisere LLC, a disaster risk reduction advising company. “However, businesses need to begin by protecting against everyday disasters, such as the loss of a laptop or a computer virus. This approach provides an immediate benefit against a more imminent threat at a more reasonable cost, while gradually building protection against the more serious risks.”
Compromised data
One of the biggest risks — and one that often gets the most publicity — is compromised data. This includes hacked systems, employee data theft, and stolen or lost devices such as laptops and cell phones. Data can also be compromised by viruses, which are often downloaded inadvertently through emails and software.
To protect against compromised data, businesses must ensure that their network security is in top shape, Childs says. This includes establishing and observing appropriate protocols, such as ensuring employees set up hard-to-guess passwords and setting user access boundaries that only allow certain users to access certain files, i.e., only human resources employees can access personnel records.
Businesses should also set up security protocols for technological equipment, such as laptops and tablets. These items should not be left where they can be stolen or accessed by anyone other than the employee, and if they are lost or stolen, they should be able to be wiped remotely.
In addition, businesses should always ensure their network security software is up to date, run scans regularly and back up important data.
“Backing up data on hard drives, disks or thumb drives is better than not at all, but those can be lost or stolen, as well” Childs says. “The best way to back up your data is to do it online. Once you schedule your backup for a certain time each week, you don’t even need to think about it.”
Unexpected risks
Businesses face digital risks from natural disasters, such as Hurricane Sandy, or terrorist events, such as the Boston Marathon bombing.
Prisere is Childs’ second business — her first, Childs Capital, a company that specialized in international economic development, was located near the World Trade Center and was impacted by the terrorist attacks of Sept. 11, 2001. The business is featured on the Department of Homeland Security’s website as an example of a company that was well prepared; it had a comprehensive contingency plan and was back in business within a week.
“Businesses need to make sure they have continuous access to their data and applications,” Childs says. “For example, if you’re displaced from the office, you can still operate remotely by going online and accessing your data. To do this, businesses need to have a remote access plan, establishing a secure connection and making sure the necessary data is available. And you and your employees must practice the plan to ensure that it works.”
Periodic practice and training are essential, Child says.
“Digital risks recede into employees’ memories and they become complacent about security,” she says. “Although it sounds simple, employees need refreshers on things such as not writing down their passwords and leaving them for others to read, or leaving their computers unattended without an automatic password lock. This training ensures that the information is current and employees are periodically reminded of it.”
