Imagine a world where your data is always safe and secure. Your emails to coworkers, your customers’ contact and billing information, and even your company picnic photos all remain untouched and lovingly nestled in your company’s folders. Doesn’t that sound delightful?
If only this was the reality. Sorry to burst your bubble, but unless you’re taking proactive steps towards protecting your data, you’ll be in a world of trouble when hackers or hurricanes or a horde of flying monkeys (it could happen!) come knocking on or barreling through your door.
According to a 2014 study conducted by the Ponemon Institute, 43% of companies had experienced a data breach in the past year including big name brands eBay (145 million people affected), JPMorgan Chase & Co. (76 million households and 7 million small businesses affected) and Michaels (2.6 million people affected).
No business is immune to data breaches. From the large enterprise to the mom and pop shop, companies should be taking action and strengthening their cyber defenses. Still not convinced? Here are 4 reasons why data security is important for businesses of all types and sizes:
1) Disgruntled Employees
Every company has at least one of these. You could have out-of-this-world health benefits, free churros, inflatable bouncy castles, baskets full of puppies (can I come work for you?), and there will still be that one employee who dreads coming into work and might as well have a dark rain cloud positioned over their head.
These unhappy employees are walking around, making copies, attending meetings, stashing free churros in their desk drawers, all the while harboring a grudge that has taken on a life of its own. These rogue employees, especially IT employees who have direct access to networks, data centers and admin accounts, could do irreparable damage to your organization.
Mitigate risk by keeping a close eye on account privileges to avoid exploitation. Identify any accounts that are no longer in use or connected to employees that are no longer with the company. Then, immediately terminate these accounts to protect corporate data.
2) Human Error
We all make mistakes. It’s a natural part of life. We forget an anniversary, pour salt instead of sugar in our chai tea latte, and commit unforgivable fashion blunders that will haunt us for the rest of our lives (wait, socks and sandals aren’t in right now?).
Your business needs to be prepared for human error. It’s only a matter of time before an employee forgets their unlocked laptop in a taxi or an airport, a laptop with access to your company’s sensitive data.
It’s your responsibility to educate employees on cyber security best practices. Hold training sessions to show employees how to manage their passwords or avoid phishing email scams.
Make sure employees are creating strong passwords. One weak password can open the door to hackers. This may seem obvious, but passwords should never be generic or easy to guess.
Passwords should contain upper and lower case letters, numbers and symbols, and your employees should use a variety of passwords for various accounts and websites. Otherwise, a hacker only needs to crack one password to gain access to company data and multiple accounts.
Authentication is also essential for data security. Ensure business-critical data can only be accessed by entering a username and password. As a second line of defense, all data should be encrypted while in transit or at rest. If your data is stored in the cloud, choose a provider who encrypts data no matter where it resides.
3) Bring Your Own Device (BYOD)
With more and more companies adopting a bring your own device (BYOD) policy, employees are now using their mobile devices to share data and access company information. In fact, Gartner predicts that by 2017, half of employers will require employees to supply their own devices for work.
What does this mean? Well, BYOD policies could expose companies to any malware or viruses that infect their employees’ devices. And, employees may not regularly update mobile passwords on their devices.
According to a 2014 study by BT, mobile security breaches had affected more than two-thirds (68%) of global organizations in the last year. Be sure to develop a strong BYOD policy outlining device expectations.
Also, all users should keep their OS, software and applications up-to-date at all times. This is critical as software updates often contain security patches that can protect users from the latest security threats and vulnerabilities.
More and more companies are falling victim to ransomware, making it a hot topic in cyber security. Ransomware is malicious software that blocks access to your computer and then asks for a ransom in exchange for your company’s data. According to the U.S. Department of Justice, ransomware attacks have quadrupled this year compared to last year, averaging 4,000 a day.
Who’s a prime target for ransomware? Unlike other attacks, all companies are potential victims. If you have data you require daily access to, you could be targeted.
The best way to protect yourself against ransomware attacks is to periodically back up your data and applications. That way, even if ransomware infiltrates your company, your data will remain safe and secure. Make sure the back up is not directly connected to your computers. If it’s connected, ransomware attackers will be able to access it and encrypt it.
Danger lurks inside and outside of your company. Ensure you’re protected from a diverse range of threats by implementing backup and disaster recovery solutions. Learn how Allies Healthcare teamed up with Razor Technology and significantly improved their data recovery performance by downloading our case study here.