Don’t let a data security issue become a public relations nightmare for your enterprise. Huge gains in efficiency and productivity are in the cards for any enterprise that can keep pace with technology. However, with any technological advance, risks and pitfalls are abound. Especially when it comes to Data Security. Indeed, many have already succumbed to these pitfalls; think healthcare agencies, credit reporting agencies, and even the US Government (remember Edward Snowden?). Considering most businesses and industries are currently in some form of lock-down, Data Security and Data Security Practices are crucial. If your enterprise is fortunate enough to have remote work capability and your current Data Security practices are somewhat lacking, consider these basic tips for our current COVID-19 Era.
- Learn from your prior mistakes. It is said we can learn much more form our failures compared to our successes. If your organization has already been the victim of a Data Security issue, hopefully you have already implemented practices to prevent the same occurrence in the future. Continually revisiting your Data Security practices is important in many respects, to name just a few: 1) It serves to minimize future occurrences, 2) It serves to reinforce your polices, 3) It demonstrates the importance of the issue to your workforce, and 4) It could serve to cut-off (or at least limit) liability/damages in the event of a failure. Make regular review of your practices a priority.
- Limit who has access. Does everyone in your organization need access to all your critical systems and information? Probably not. Considering who needs access, and what information they need access to, is an important consideration.
- Back up your Data. With every data breach you run the risk of data manipulation, destruction, or worse. Likewise, even authorized users accidently delete, misplace, or “lose” files. Having a good data back-up plan in place can serve to minimize down time and keep your operation running efficiently.
- Instruct your staff on how to access data properly. Is your workforce using public wifi? Are they creating a “hot-spot” with their private mobile phone? Worse yet, are they using a public kiosk? Answering yes to any of the above should give alarm. Consider using a virtual private network (VPN) as the only method for accessing data. VPNs provide secure and encrypted transmission of data. Choosing one that allows for multi-factor authentication is always preferred.
- Make regular software updates a high priority. Critical updates are routinely made to most software products and they serve an important function in minimizing data breaches. Checking for updates and utilizing “reminders” is a great practice in keeping software up to date. Also, make sure your anti-virus and anti-malware software is regularly checked for updates and automatically set to scan for threats.
- Use strong passwords. Combining letters (upper & lower case), non-sequential numbers, special characters and of course multi-factor authentication helps prevent unauthorized access and data breaches. Confirm your staff is using strong passwords to avoid unnecessary risks.
- Don’t forget plain old common sense. When working public areas make sure you are not exposing information. Use privacy screens and screen locks, power down when not in use, be aware of your surroundings, and keep vigilant! Also, be on the lookout for all types of internet scams, including email phishing, suspect links/attachments, etc. Scam Artists tend to thrive is scary and uncertain times. Keeping vigilant and having procedures in place ahead of time serves to minimize their effectiveness
Call an Experienced CA Business Lawyer Today
To schedule your consultation with one of our CA business attorneys, call Structure Law Group, LLP today at (408) 441-7500 or contact us online.