Data security in 2019 – the good news and the bad news for business
Keeping on top of your data security means protecting digital information from unauthorised access such as that which occurs in a cyber-attack or a data breach.
Here are some tips on the issues that businesses should be aware of in order to protect their data in 2019.
Multi Factor Authentication (MFA)
With the proliferation of Cloud delivered services businesses should be using MFA to provide a second layer of authentication (usually a code to a device that you carry with you). This ensures the person accessing the service is who they purport to be.
Security Services
This includes devices such as web cams and CCTV. It might seem a contradiction to the prime function of such equipment but using them to ramp up your security can actually end up undermining it if they are being accessed from the internet, as this requires ports to be left open making them, in fact, more vulnerable.
Passwords
When it comes to data security, we often think of password strength, but the biggest issue here is apathy. Businesses often have confusing and sometimes unworkable password policies, requiring staff to change their passwords every time they sneeze! This leads them to use ever more memorable passwords, inevitably feeding the online databases that collect them.
Training
This is an often undervalued line of defence. No matter how good the IT security policies and devices a business has in place, if its staff are not aware of the dangers and how to avoid them, they are often the route in for cyber attackers. All too often, untrained staff ‘leave the keys in the door’.
General Data Protection Regulation (GDPR)
Becoming GDPR compliant with an accreditation such as Cyber Essentials serves two purposes. It gives businesses and their staff the tools to get organised and manage some of the security risks with things like new starter and leaver procedures, breach logs and information on previous investigations which they can learn from. It also enables businesses to ensure their partners and suppliers are doing their part to keep data safe. Organisers should know what data they are sharing with suppliers and what the suppliers are doing with it – this can make all the difference in your defence against cyber-attack.
Backup
The need for a good, solid and reliable regular data backup cannot be over stressed. This is often the only way back from any data security issues such as ransomware or malicious data tampering.
