Do you know Exactly Where your Business Data is, and How Easily Accessible it is??
We regularly talk about cybersecurity and the need to make sure your systems are secure. However, one item that rarely gets mentioned is the actual data sitting behind your company's IT systems. The majority of cybersecurity breaches that happen today encrypt corporate data. As more and more breaches happen governments all around the world are looking to tighten up their legislation on data. This has already happened in Europe with the introduction of GDPR. Of course, you might not operate in Europe but if you have clients based in Europe the legislation applies to you also. With all their new rules in place, you must know exactly where your company data is located, how it is being secured, and if it's being backed up.
Here's our list of the most common locations for company data to be stored:
1) Cloud services
10 years ago, the cloud was a new thing in the IT world but it's become so prevalent now - with the majority of email services cloud-based this is the number one most common location for all types of company data to be stored. What's lurking inside your inbox or more importantly your HR departments? A lot of CVs and data on individuals you may be on file - this needs to stay secure otherwise you could be in for severe fines.
2) Desktop and laptop computers
This is the most obvious location where data is kept. What's important is that you have some form of encryption on all devices so that if anything ever goes missing there is a limited chance of the data being accessed.
3) USBs, portable storage, and memory cards
Many government agencies have had all sorts of breaches due to the use and loss of USB drives. The best advice we can give you is to restrict the use. Or an all-out ban on the use of USB storage devices within your business. Whilst it's very practical for transferring files it's also very easy to lose those files.
4) On-premise servers
Even if you have cloud services on your IT infrastructure there's a good chance you also have on-premise servers doing some basic functions. The most common include network file shares, printer servers, and directory services.
Whilst you may have really good software and systems protecting these servers the question we ask is about physical access. How easy would it be for someone to access these servers physically in your office?
Are they locked in a server room or just in a spare office cupboard? Who has access and what type of procedure do you have in place to gain access to these locations?
5) 3rd party suppliers, contractors, and consultants.
It's fairly common for larger-sized businesses to have a constant flow of suppliers, contractors, and consultants touching many aspects of your business. With these interactions usually comes the transfer of data. What's the company policy on the supply of data to 3rd parties? Do you have an NDA in place? Do you have a questionnaire that's reviewed by IT to establish what security is in place with these 3rd parties?
Would a breach invalidate your insurance if it were to be found that the correct security was not in place?
With the number of breaches now taking place regularly these types of questions are coming up daily.
If you would like to find out some of the other locations where your company data may be stored, then get in touch with us for an introductory meeting at (786) 621-8600 or send an email to begin a no-obligation conversation.
DigitalEra is your trusted security advisor that provides best-in-class solutions with Next Gen technologies and managed services to companies and Governments throughout the US, Latin America, and the Caribbean. Our deep technical knowledge, industry-leading certifications, and proven experience allow us to better understand our customers’ needs and provide innovative solutions. We are passionate about protecting our customers. We offer peace of mind by safeguarding organizations from Cybersecurity risks and enable our customers to accelerate growth and focus on their operations. For more information, visit:www.digitaleragroup.com.