Rob Harrison, head of development at ECI Software Solutions, gives his top tips on how to ensure your data is safe
No matter the size of your organisation, the consequences of a data breach can be expensive and cause irreparable damage to your reputation. From paying a ransom for your data to notifying customers, resolving the issue will consume hours of staff time, as well as jeopardise the overall success of your business.
Here’s four top tips to help keep your business data secure.
Implement a robust backup strategy
For any business handling customer data, it’s important you have a robust backup strategy in place – that’s regularly tested. Cloud-based file storage is by far the easiest way to do this, as manual backups are prone to human error or oversight.
Cloud-based solutions can take care of the whole process for you, running automatic daily backups and file restore services as often as required.
Ensure you have an effective firewall
A firewall is an active filter that sits in between the internet and your business network, configured to let ‘good’ traffic in and out of your network and prevent potentially harmful traffic from moving in or out.
To avoid any harmful traffic making it into your system, it’s important the configuration of the firewall is set up correctly, as well as being reconfigured as and when required to protect against any new scams or threats.
Firewalls rely on software updates so it’s a good idea to have your firewalls checked and updated every six months by a security professional. However, cloud-based business solutions will ensure the highest level of protection as your business data is also stored off-site and managed by your software provider – making the chance of a breach highly unlikely.
Properly onboarding and offboarding employees
Onboarding and offboarding employees is a challenge for most businesses, but removing departing employees’ access from all business systems is critical to prevent both intentional and unintentional data security threats.
Implementing a written policy for new and outgoing employees – that is followed and audited annually, is important to help keep your system secure. The policy should clearly outline what level of access and to which systems an employee is granted depending on their role in the company, as well as request employees use complex passwords, do not reuse them, and ensure they are changed at least twice a year.
When an employee leaves the company, they should follow a clear set of procedures, giving up passwords and access rights to sensitive business information and sign a contract confirming that they will not pass any of this information on.
Preventing phishing attacks
Even in a well-secured environment, a misguided employee’s response to an information request can significantly compromise the security of your data. During the period of remote working, many businesses put additional measures and training in place to prevent employees falling foul of phishing attacks.
Often sophisticated, phishing attacks can occur through email, text or visited websites and will often impersonate a business or someone known to employees, requesting information or offering monetary gains. Educating employees on a bi-annual basis on how to best handle these attacks and enforcing strict security procedures when dealing with financial institutions, emails, and phone calls can eliminate a significant portion of risk. Meanwhile, sending updates on any of the latest sophisticated phishing attacks that are common will help employees be vigilant on where and who they are sharing information with.
Most cloud-based business solutions are designed to prevent these attacks and block the vast majority of phishing emails from making it into employee inboxes. However, should an employee click on a document that contains ransomware or other malware, a cloud-based solution will limit the impact and ensure your business data remains safe.
Learn how a cloud-based business management solution can alleviate many of the threats to your data’s security by visiting the ECI website.