No one has to tell you that corporate data theft is on the rise. What you do need to know is how to best secure your customer data in the event you face an actual or imminent threat. Start by following these suggestions:
1.Secure sensitive customer, employee data. Store paper files and removable storage devices containing sensitive information in a locked drawer, cabinet or other secure container.Restrict access to sensitive date to those who have a need to know. Make sure that all such access is noted on a log so that you have anOngoing history of who has sought such information.
2.Properly dispose of sensitive data- Shred, shred and shred. Remove all data from computers and storage devices before disposing of them.
3.Employ password protection to all mobile devices such as laptops and smartphones. Create unique user names and a strong password that is changed periodically.
4.Control physical access to business computers. Create user accounts for each employee, including business laptops with no exception whatsoever. Laptops need have password protection and be locked when appropriate. Limit network access on computer stations particularly in reception areas.
5.Encrypt data. This helps protect the security and privacy of files. Make sure tha encryption is done on all laptops, mobile devices, flash drives an backupt tapes.
6.Malware protection. Install and use antivirus software. Make sure that potential virus threats are made known to employee base as soon as possible.
7.Update your systems. Keep all of your software protection updated regularly.
8.Secure access to your network. Create a firewall. Be careful in attempting to sue free security software as it has the potential to infect your
network. Allow remote access to your network only through protected pass codes and pursuant to a VPN-Virtual Private Network. To the extent that you have WI-FI in your workplace, make sure it is secure and encrypted and that a password is required for access at all times.
9.Verify the security controls of third parties. Be sure that the data protection practices of third parties meets the minimum requirements of your company before business is done.
10.Train your employees. The best for last. You will waste time and money and create a liability nightmare for the company if your employees are not trained to follow the above nine steps. Make sure they understand the policies and their importance. Document these policies and practices and distribute to your team. Update your policies and practices regularly. Keep retraining your staff as the need requires.