What is data security?
Data security CANNOT be taken lightly!
It’s something that concerns us all
In order to protect and prevent sensitive and confidential information from falling into the wrong hands, it is important to:
- Know what digital assets are at play within one’s environment,
- Understand what the threats and risks are
- Have a security expert perform a Threat and Risk Assessment (TRA) if you don’t know what you have
- And pay close attention to just what type and how strong the data security mechanism in place are.
The more you know, the better
The more you know about what you have, the more secure you are.
What are we talking about when we say digital assets?
When it comes to digital assets, various factors come into play.
Types of digital assets
In the case of:- companies: we’re looking at corporate data such as financial information, employee records, customer information, research and developments (R&D), marketing strategies, etc
- government bodies: be it federal, provincial/state or local, we are looking at things such as national defense plans, social security numbers, tax reports, population statistics, etc…
- Financial institutions: we’re looking at everything related to big money, credit reports, credit card information and more.
Digital assets must be protected!
Digital assets can take many forms and are not just limited to the above mentioned.
Of critical importance is knowing the fact that, ALL are important, and ALL must be protected from intruders, at all times.
Data security concerns us all
It is critical that safeguards abe in place to ensure data security.
The better and more effective the security measures in place are, the more secure your confidential information is.
Basic data protection
Nowadays, computers are an integral part of our daily lives. Virtually everyone has a smartphone and/or some form of a computer (tablet, laptop or desktop) or both at home and, in the case of businesses and institutions, even more so.
Regardless of whether you’re an individual, a company, government body or something else, the information you have on those devices needs to be protected.
The first steps to take in protecting yours data, not to mention the easiest to implement and often times the least expensive, are having:
- An antivirus and internet security software in place.
- A good on-site backup solution in place.
Antiviruses with internet security protects you against malicious code that can infect your computer resulting in corrupt data or worse, open a backdoor allowing intruders to access your system and its data. The internet security built-into it provides basic security for devices on your network and blocks intrusion attempts.
Backup solutions protect your information against both data corruption and hard drive failures. They allow you to save your data on external medias such as tape cartridges and, by having it on-site, enable you to retrieve that data quickly and easily at any given time.
This being said, it doesn’t stop there. Especially when looking at large network infrastructures with petabytes of data! Data which more often than not, is of a confidential nature, and must be protected from unauthorized access.
When everything you've tried to get your data back, fails!
Your local backups are there to save the day!
Business data protection
Businesses and industries have massive amounts of data they need to keep confidential and protected against unauthorized access. Not to mention that as outline in our article the “The importance of data storage”, that information is growing at an exponential rate which makes protecting it a priority and, at times, a challenge as well.
Depending on the size of the organization, some businesses have a dedicated team of IT security experts whose sole purpose is to manage the data and insure it is secure.
Protecting and securing information
Important and absolutely necessary factors, that can't be neglected!
Bottom line, in the wrong hands, data can be misused and cause serious harm.Watch out for data breaches and data leaks
Data breaches are nothing new. They’ve been occurring ever since the first computers where built! This being said, it seems that they’ve been occurring more and more these days.
Although most businesses and organizations keep quiet about data breaches they’ve suffered, often times, when you turn on the news, you hear about another breach that occurred somewhere.
It’s a problem and it’s a problem that must be mitigated as much as possible.
The perils associated with data breaches
Data theft has serious and often disastrous consequences!
Whether we are talking about businesses or individuals, we all need to pay attention to cybersecurity and put in place measures to protect against cybercriminals.
The perils associated with data breaches are real and should be taken seriously
Data breaches can have far reaching consequences!
Just to name a few, they can result in the following;
Damaged reputation
Loss of confidence
Loss of data
Lost revenues
How can the situation be remedied?
Infrastructures and security policies
Unless you have a computer that is completely isolated, cut off from the outside world and accessible to no one, total data security is a myth!
This being said, by combining both software and hardware platforms, as well as having strong data security policies in place, there are ways to reduce security risks down to an acceptable levels.
Security measures
Below are some very basic and simple as well as, depending on what exactly your business requires, cost effective security measures, that can be quickly and easily implemented.
Some can be implemented by using off-the-shelf inexpensive security software, whereas others require more sophisticated, and more expensive, applications and / or hardware appliances.
- Strong password policies:
Strong password combining both letters and numbers that are easy for the user to remember but hard for others to guess provides some level of security.
Two-factor authentication such as RSA Security’s hard token two-factor authentication solution are even better.
- Strong firewalls/VPNs and intrusion detection systems (IDS):
Firewalls/VPNs protect your data from unauthorized access both from within and the outside world whereas intrusion detection systems are just that. Systems that detect and warn that unauthorized access attempts have occurred.
These can be implemented through software, specialized hardware appliances or a combination of both.
- Antivirus protection:
Protects your data against malicious code. These must be installed on all your devices (PCs, laptops, tablets, mobile phone and servers).
- Data encryption:
This is especially important for mobile devices as these can be stolen.
Most manufacturers of mobile devices provide a built-in solution to encrypt data stored on their products.
- Run regular local data backups:
As previously mentioned, a good backup solution protects you against lost data and, having it locally enables you to retrieve it quickly at all times.
As part of a good backup policy, full backups should occur at least once a month and those should be kept in a secure off-site location.
-- Data monitoring software:
Know where your data is at all times, where it is stored on your internal resources, where it’s going on your network as well as when it’s being sent to the outside world (ex: via email) and by whom.
Several good data security management software exist. These software have various settings that can be configured to monitor specific sets of data and notify you when suspicious activity occurs.
- Safely and securely surf the web:
Common sense prevails here.
Do not enter any personal information, banking and/or credit card information on sites that are unsecured.
When receiving emails from an unknown source, do not click any links nor open attachments, as these may send you to sites that can put malicious code on your systems or worse.
In conclusion
Data security is a never ending task.
It’s time consuming and in the case of large corporations and governmental entities, it can be costly. BUT, it’s something that must be done AND, in order to stay ahead of cybercriminals, it must be done on a continual basis.
Make sure that all your security tools and hardware devices are up to date and have the latest software and firmware revisions installed on them at all times.
In other words, buy the license update support contract. If your security software licenses are not up to date, they are useless and you become vulnerable to cyber-attacks and data breaches.
If you follow those simple rules, the chances of suffering a data breach will be greatly reduced.
Being an IT hardware broker , Data Telcom can assist you with your needs for firewall and VPN appliances as well as disk and tape backup systems.
