For years we’ve worked on our emails, documents, project management and other data on our local devices and shared them to a shared storage location for others to access when we were finished with them. But with so many people now working from home, it is essential to provide secure storage for data that everyone can share, collaborate on and access at every stage of development.
And the worst part about data stored on a remote device is that it is far more vulnerable to being stolen because most of these devices are not being protected behind a business grade firewall and security software.
Imagine what would happen to your business if only 50 percent of your staff were working from home and everything they worked on never made it to a shared access resource?
We shared the potential risks of insecure cloud file storage in Security Tip #23 “Don’t Download Anything You’re Not Authorized to Download”. And gave you “6 Tips To Keeping Your Data Safe In The Cloud” in Security Tip # 18. In Security Tip #10 we alerted you to “The Dangers of Using Dropbox.
So what are you supposed to do?
Following are 5 considerations for you to think about.
1. If you haven’t already, move to a cloud-based office suite.
Office 365 and Google G Suite offer cloud storage that is integrated into the service. Both offer excellent collaboration opportunities, so several people can work in a document simultaneously. Which one is best for your business really depends on how you do business! We even have some clients that are using both.
2. Use business grade file sync & share software.
Many business owners select consumer-grade file sync services because they just don’t understand the differences between consumer-grade and business-grade file sync & share solutions.
Here are 5 key distinctions that set business-grade solutions apart from their consumer-grade counterparts.
- They’re compliant with industry regulations and comply with security & legal requirements.
- They offer complete control over user access, file revisions, backup, and data retention.
- They are compatible with your existing hardware.
- They have advanced collaboration and sharing features.
- They provide your IT Staff or Partner with visibility and control to protect sensitive data.
3. Create a Bring Your Own Device policy.
68% of employees access their files from smartphones according to a Citrix Mobility Survey. The trend of BYOD helps companies in improving the productivity in a cost-effective manner.
But, it also opens the door for unauthorized access to sensitive data. So, it’s a good idea to have a BYOD policy, and enforce it, so sensitive data can be kept securely in personal devices. Security measures like limiting software installation and maintaining secure configurations must be adopted. Tech support for hardware and software updates, maintenance and troubleshooting should also be provided.
4. Create a policy for handling sensitive data.
Your business needs to properly segregate your sensitive and non-sensitive data, and to provide a strict process for handling important & sensitive information. Your data should be classified into public, private, and restricted, and security practices & policies must be followed accordingly. Private data needs to be handled cautiously. In the case of restricted data, employees should be given access on a need only basis.
5. Don’t allow personal devices on your network that aren’t properly protected.
A recent survey of IT professionals found that 59% of respondents agree the risk of unprotected personal devices has increased due to the current pandemic.
The study shows that IT professionals are taking the following measures:
29% are installing new technologies to ensure visibility and monitoring capabilities – this works for big and small businesses
21% say they are establishing and enforcing better & more security policies – this id especially important for small businesses
14% are restricting access to sensitive data to only those employees who need it – This is critical for any business if you have staff working from home
36% are implementing a combination of the above.
In order for a small business to accomplish these protections, they’ll need to hire an individual trained in IT security, or partner with an IT security provider like HBBTech. You don’t know what you don’t know – so how do you protect your business without help?
To help mitigate these risks and protect sensitive data that is being collected, it’s important for your business to take the necessary precautions to protect that data. It is your legal responsibility to protect their data! Start with a security training program on how to identify and report phishing attacks and understanding data handling policies. Invest in solutions that help to ensure data is both accessible and secure, like HBBTech’s Managed Security Solutions.
If a laptop is stolen, even with a strong password, it will likely get cracked, given enough time. Once the crook succeeds, any private data that is unencrypted is free for the taking. One solution: keep sensitive data on a secure private cloud service, so it’s never on your local hard drives. By storing this information in the cloud, you can immediately revoke access to the data when a device goes missing.
It’s simple stuff – but imagine the possible damages of data on a lost laptop at the airport or coffee shop. If you are required to be PCI or HIPAA compliant, this could also engage regulatory authorities, fines, civil suits and as surveys show, substantial reputation damage to your business.
How do most smart businesses feel about cyber risks?
Most companies are running scared of a potential cyber data breach because 71% of customers say they would leave your business for a competitor if you lost their personal data, to possibly never return… And, they are also likely to file a civil suit against your business for damages. https://www.agcs.allianz.com/insights/expert-risk-articles/risk-future-cyber/
If you’re not sure how to implement these recommendations or just plain don’t have the time, HBBTech is here to help. It doesn’t matter where you are, we service the entire USofA. So give us a call at (636) 542-8653 to set up a free Q&A so you can ask any questions you want to.
That’s it for Tip #25
Next week’s Tip will be
“Lies, lies, lies!!!”
Remember – It ain’t poisonal... it's jus bidness. ‘Til next time.
