With no less than two-thirds of IoD members now using remote cloud-based storage services to back up their files and data, new regulations are set to come into place which will increase the onus on businesses to keep their data safe, and impose fines on those who fail to do so. How can business leaders avoid falling foul of them?
- Limit data access
An employee cannot change or delete data, accidentally or on purpose, without access to that data. Of course, your staff need access to certain data to do their job, but Microsoft Windows allows administrators to grant different access levels according to user names and passwords.
- Pay for privacy
Currently, less than a third of IoD members use virtual private networks (VPNs), but these are well worth considering as they allow employees to securely contact company systems from anywhere. Money worth spending, given that the alternative is employees being vastly less effective outside the office.
- Being transit-savvy
Data is at its most vulnerable when moving from A to B, so always encrypt before sending it off – whether virtually or via snail mail – and get your IT department to enable security protocols such as SSL and IPSec when sending across the web. Bear in mind: data protection legislation needs to be complied with when transferring data outside your business.
- Keep it convenient
Security being paramount should be part of your company culture, but too many complex procedures may encourage employees to take short cuts (insist on five passwords per person for five different systems, for example, and it’s only a matter of time before someone’s end up hand-written and displayed for all visitors to see on post-it notes stuck on monitors).
- Back up – securely, regularly, remotely
If you are backing up manually – whether via the Cloud, external hard-drives, USB sticks or in-built Microsoft/Apple applications - keep previous backups for a certain period, so that you can skip back to a particular point in time rather than just the most recent data duplication. State-of-the-art online back-up systems offer remote replication of your data in real time, as it is generated, and also put the responsibility of regular backups into the hands of the service provider. Either way, ensure that one individual in your organisation is responsible for back-up procedures.
The IoD has published its latest cyber security report and ‘how to’ guide on 27 March 2017.
Find out more