South Florida Technology Today

Data Loss Protection: 3 Things South Florida Companies Need to Know

Modern businesses need IT security policies in place to help manage their data and prevent data loss. Even small businesses are at risk if they aren’t addressing IT security concerns. Hackers, hacktivists, thieves, and disgruntled employees are out there.

They are stealing identities, revealing business secrets, taking financial data and even holding your data ransom with nefarious sounding viruses like cryptolocker. They are out there and they are waiting for a chance to pounce.

So what is your prevention and protection plan? If putting security policies in place isn’t a priority for you then it needs to be sooner rather than later. Don’t want for a data intrusion to take action.  If you have a policy in place you need to make sure that it is sound. Consider these three important features that every company’s security policy should contain:

• Firewall Protection. Firewalls are the filter for all of the data coming in and out of your network. Make sure that they are configured to recognize and report possible data breaches. If you experience a network intrusion these systems should be set up to send out an alert. If people can remotely access your system then a firewall is a requirement. Make sure that you have a system in place that not only gives you real-time alerts, but that also sends you regular reporting on that state of your firewall security.
• Data Classification and Handling Standards. What is your most sensitive data? What is lower in priority in terms of sensitivity? Any data that you are required by law to protect—like credit card information, patient data, or HR records, must be made a very high priority. With the right classification hierarchy you can determine which data needs the most protection. Usually organizations will classify their data into public, internal, and private. You may need additional levels depending on the data being handled. Doing a security inventory of your data is a good first step in determining these classifications.
• Access Controls. Who is able to access your data? Make sure that the people who need access to certain data have access and the people who don’t need access aren’t allowed in. Limiting the number of employees who can access your most sensitive data is a good first step. Make sure that your systems are configured properly so that configuration mistakes don’t lead to gaping holes in your IT security. Once you have proper access controls in place make sure that someone is doing an access audit at regular intervals.

Don’t be the victim of the next small business cyber-attack. Be proactive and take the measures necessary to prevent a data breach. If you aren’t sure if you’re properly protected then reach out to us. One of our IT network specialists will work with you to access the security health of your IT environment.