Do your data security policies have "teeth"? Identity theft expert Robert Siciliano recently examined some of the must-haves for effective data protection. Here's a closer look at seven items every business should include in its data security policies.
The Ponemon Institute's "Cost of Data Breach Study: Global Analysis," released in May 2015, revealed malicious attacks can take an average of 256 days to identify, while data breaches caused by human error take an average of 158 days to identify. However, a business that develops data security best practices and educates its employees about the risks associated with malware, viruses and other cyber threats can protect its sensitive data at all times.
Technology research firm Gartner has predicted half of employers will require workers to supply their own device for work purposes by 2017. As more businesses embrace bring-your-own-device (BYOD), new cyber threats may emerge that put companies' sensitive information at risk. With a formal device management policy in place, a business can ensure company-owned mobile devices are used correctly and minimize the risk of a cyber attack.
How often do your employees change their passwords? And are your employees required to include a combination of capital letters, numbers and symbols in their passwords? A password management policy is essential for any business because it empowers workers to keep their sensitive information secure.
Does your business manage employees' email? If not, it could put its sensitive data in danger if an employee downloads malware, Trojans or viruses included in an email attachment. Fortunately, a company can develop clear standards related to email and data management to ensure its employees do not click on links or open attachments from unknown senders.
Developing a social media policy and enforcing it is paramount. Although employees may access social networks regularly, these workers may be unaware of the dangers associated with social media. As such, educating employees about the risks of divulging corporate data on social networks ensures these workers can reduce the risk of a data breach.
Establish limits for employee Internet use. By doing so, a business can ensure its employees remain productive and safe against cyber dangers.
All security incidents should be reported immediately. In addition, each incident should be investigated by an IT team to determine its cause, and ultimately, find ways to ensure such an incident does not become a recurring problem.
What are your thoughts on data security? Share your thoughts about this story in the Comments section below, via Twitter @dkobialka or email me at firstname.lastname@example.org.
October 18: Ready, Set, Scale: How to Make Money and Innovate at the Same Time
October 20: More Than a Service: Grow Revenue and Clients with Backup and Recovery
October 27: Responding to the Modern Day DDoS Attack
November 8: The State of Emerging Threats: Secure Your Clients — and Yourself
November 10: How MSPs Can Defend Clients from Ransomware
Watch Now: How to Help Your Customers Protect Themselves from Ransomware Attacks
For VARtweet sponsor info contact Amy Katz (email@example.com)
Sponsored Introduction Continue on to (or wait seconds) ×