The number of data breach occurrences that occurred throughout the world in the month of October 2012 is alarming. The most prominent breach involved the TD Bank’s loss of two backup tapes containing customer names, addresses and social security numbers. TD bank has not disclosed the number of customers affected, although it may potentially involve a large volume of customers from Maine to Florida. While this is the most publicized breach of the month, many other incidents have occurred during October:
- Five laptops containing personal information of 71,000 registered voters were stolen from North Carolina’s Robison County.
- Hackers breached a server at Northwest State Florida College, affecting nearly 300,000 victims and resulting in 67 incidents of identity theft.
- A laptop stolen from a Tennessee hospital contained the personal information of approximately 27,000 patients.
- A University of Georgia computer was hacked, potentially compromising the personal information of over 8,500 former and current employees.
Large organizations aren’t the only target of such breaches. In fact, according to Verizon’s 2012 Data Breach Investigations Report, more small businesses are increasingly being attacked. While your organization may not have the budget to implement detailed security plans similar to those of large corporate enterprises, simple, proactive measures can be taken to ensure protection of your business data.
Proper education about data security is key to implementing a companywide policy for your business. Simple, “common sense” day-to-day security measures can easily be taken for granted within a busy work environment. Yet your employees can act as a first line of defense for protecting sensitive and confidential information, once they understand various risks resulting from:
- downloading applications from unreliable resources
- ignoring security update reminders on electronic devices
failure to use SSL (Secure Sockets Layer) for transmitting and receiving sensitive information
- sending sensitive information (credit card or personal data) through unencrypted email
- failure to update to strong passwords
- inadequately protecting laptops when working remotely
Creating awareness for your staff can be extremely valuable. Once your employees have an understanding of threats and preventative measures for reducing risks, they are more likely to take a more vigilant approach that can even extend to protecting personal data at home.
Strengthening data protection procedures
Revisiting how your company currently protects its data is a good starting point for making improvements. Understanding where your critical data resides is crucial. If information is stored in multiple locations it may make sense to consolidate that data to fewer locations. The more places data is stored, the increased chance of exposure. It may make sense to utilize dedicated servers to segregate sensitive data from the rest of your network.
Backing up your data is equally important but only goes so far. In order to ensure data is fully protected, whether backed up manually or remotely, it is important to encrypt that data. If, for instance, a backup tape is lost or a laptop is stolen, encryption will decrease the likelihood of your business data being compromised. Your company’s backup rotation schedule should also be supported by an offsite digital media vaulting solution. Transfer of backup media to a secure offsite location allows for:
- long-term preservation
- regulatory compliance
- protection from disaster
- digital record security
Archives Management Centers provides data protection solutions to businesses throughout Palm Beach, Martin, St. Lucie, Indian River and Okeechobee County. For more information, please contact us by phone or fill in the form on this page.Share