FAQs: Data Protection
As an IT services provider to the alternative asset industry for more than 25 years, we get asked our fair share of questions on a variety of technology topics. One of the most frequent categories that these questions fall into is data protection. For today’s blog post, we’ve rounded up our three most frequent questions on the topic and shared the answers to these complex challenges.
1. What are the best ways to ensure my networks are kept secure at all times?
There are several ways to ensure your networks are kept secure. The first step is to make sure that you install anti-virus software and a firewall on your network. While not foolproof, these tools still help prevent hackers from obtaining personally identifiable information (PII) and are necessary steps when it comes to due diligence. The newest types of antivirus solutions actually detect and halt cyber threats in real time by utilizing advanced techniques such as machine learning. Other important solutions include secure email programs and mobile device management tools (MDM). MDM helps protect information that is sent from mobile devices by giving administrators the ability to wipe data remotely in the case that the device is stolen or misplaced.
In addition to employing the right solutions, you should enforce data protection policies for your organization, including a password policy that requires employees to update their passwords every few months and utilize a variety of letters, numbers and characters. Other important policies include blocking or limiting the use of social media at your company and encouraging the use of enterprise grade file sharing solutions over consumer grade solutions.
2. How can I ensure that I minimize the risk of my employees causing a data breach?
You can minimize the risk of employees causing a data breach by training employees on common threats to ensure they are prepared to respond appropriately. Threats can include social engineering, which is the art of manipulating people into divulging confidential information or performing actions; spearphishing, which occurs when a hacker tries to acquire information such as usernames, passwords and credit card numbers by masquerading as a trustworthy entity in an electronic communication; and accidents, such as losing a laptop and smartphone. When it comes to accidents, tools such as mobile device management are helpful as they allow you to remotely wipe data from the stolen or misplaced device.
3. What should I do if I suspect my data has been breached?
It is essential that you invest time in developing a response plan so that you are prepared if you experience a data or security breach. The plan should clearly designate teams for IT and legal response to ensure that the issue is handled appropriately, and also define clear procedures and lines of authority for employees in the case of the breach. An effective plan will allow for the containment, assessment and response to data breaches in a timely fashion to help lessen damage to the areas of the business that are impacted.