It’s Good to Talk about Data Security
9 February 2016
Data security. We all know about it, we all know we should take precautions against it, but how far do we really go and how far should we go to protect our business data? Accountancy firms come in all shapes and sizes and for many a belts and braces approach to data security can’t always be implemented. Budgets may not be too sizable and expertise may not be available.
How can businesses be proactive in putting the right level of data security measures in place to ensure data is kept safe, whilst not breaking the bank at the same time? Accountancy firms use and store vital information about clients and their financial information, that in itself is attractive to cyber criminals, as this type of information = money!
Should you be rushing to lock away all data away under padlock and key, shut down online banking, email accounts, and social media pages? Not quite. Accountancy firms must embrace technology in order to be a successful modern, digital business. But at the same time must be vigilant and have the right level of data security policies in place.
A recent study by PWC found that there has been an increase in the number of both large and small organisations experiencing breaches. 90% of large organisations and 74% of small businesses reported that they had suffered a security breach.
The average cost of the worst single breach suffered by businesses surveyed has gone up sharply for all sizes of business. For companies employing over 500 people, the ‘starting point’ for breach costs now commences at £1.46m, increased from £600,000 the previous year. Small businesses do not fare much better – their higher end has more than doubled this year to £310,800.
Therefore you should expect that you will be compromised on some level. It may not be a large scale attack, it could be something as simple as a disgruntled ex-employee taking a file or transferring a document across an unsecure network.
So, what precautions can your business make to minimise the chance of business critical data getting into the wrong hands?
Prioritise data and identify the business critical areas
It is not about building a high wall around your entire data estate, its about prioritising business critical data and working down the way and making sure the most valuable content is stored in harder to reach places.
Don’t give the safe keys to everyone! Only allow access to business critical data to those who really need it.
Educate, educate, educate
This may sounds simple, but educating employees about how they should look after company data and what the potential consequences are if they do not. Make employees aware of security breeches in other companies to show how often simple mistakes can have detrimental effects on data ending up in the wrong hands.
Simple precautions are the secret to avoiding disasters and all businesses will benefit from this advice. As technology advances by the second, it’s important to remain one step ahead of the game at all times.
Doing something as simple as sending corporate data from a work email to a Hotmail account can be dangerous to a company. By sending it across an unsecured network, the company opens itself up to a whole host of potential issues. To combat this problem, ensure suitable training and policies are in place so that employees understand how to communicate safely from one network to another.
Make copies: backup, backup and backup again
When companies talk about data loss scenarios they envisage burning buildings and flooded basements, but these are worst case scenarios. The smaller and more common issues such as simply deleting a document or folder from the network can be disastrous if the correct procedures are not put in place. Data should always be backed up, on a regular basis. By keeping data off site, data is protected in the case of a major disaster and/or theft. Regular back-ups ensure that data is retrievable, should it be deleted accidentally.
Encrypt data where possible
A way to combat online security breaches is to encrypt as much data as possible. This ensures that by the end point of encryption – whether it’s on a tablet, a server, a memory stick or a portable device – it’s much more difficult for that data to be repurposed or reused in anyway.
IFB understands the responsibility financial companies have in protecting their sensitive data. We have build our backup and recovery platform to the highest standard, using industry leading software and hardware to ensure our clients have peace of mind their data is secure and safe at all times.
IFB is offering preferential rates for ICAS members on Data Backup and Recovery to make sure your business is not seriously affected by a data breach. As an ICAS member, your company is eligible for preferential rates on IFB’s Backup and Recovery service.
Simply visit IFB’s dedicated webpage for further details and search for IFB for further details.