Eight Ways to Kick-Start Your Data Loss and Security Breach Plan
No company wants to face the nightmare of losing data or exposing it to unauthorized eyes. Guard against these security threats with a smart, responsive data protection and recovery plan.
DID YOU KNOW? According to PC World, of 855 data breaches in 2011, 81% included hacking, 69% occurred via malware, and 61% used both.
FAST FACT: According to the Identity Theft Resource Center, 93 data breaches took place in the first quarter of 2012, exposing the personal information of 2,140,987 people.
Are you confident about the overall ability of your company’s security policies to keep you safe from data breaches? Even if the answer is yes, it might be wise to review those policies and procedures, as new threats are always looming.
Consider these real scenarios:
- Credibility gap: A security breach in a credit-card processor’s system exposed 1.5 million customers’ personal data.
- Looking for these? Hackers lifted 400,000 passwords at a major online reference site and posted them online.
- Lovers beware: In another hacking incident, 1.5 million passwords were stolen from an online dating site.
These events are just a sampling of the breaches experienced in 2012. That’s disturbing.
A Problem on the Rise
Last year was a great one for hackers—and a nightmare for their victims. According to PC World, 2011 saw 855 security lapses that resulted in 174 million compromised personal accounts or records.
PC World also notes that 98 percent of all breaches are committed by outside sources. Of these, organized crime accounts for 83 percent. These traditional criminals typically target small or medium-size companies—businesses that are more likely to have easily exploited security vulnerabilities.
Activist hackers (aka “hacktivists”) are the other perpetrators. They’re often out to make a political statement or reveal a technology flaw. While hacktivists are behind fewer security breach incidents, they’re responsible for more violations of personal information, such as the cases mentioned at the top of this article.
Time to Form (or Reform) Your Plan?
It might seem like there’s nothing you can do about data breaches—that clever hackers can find an opening in any server or network they choose to attack. But you certainly can minimize the risk. Keep in mind that what’s at stake is your financial data, your customers’ data and your reputation.
This eight-point plan can boost your efforts to fight breaches:
- Train your employees. No matter the size of your company, data protection is everyone’s job. Train each staff member on the importance of safe data handling. Use strong passwords on mobile computers, and change them regularly. Review security policies quarterly.
- Lock down your paper. Electronic data breaches grab headlines, but paper files get stolen, too. Keep all records in a secured location or space.
- Follow a need-to-know-basis policy. Once you’ve locked up those records or password-protected your files, give access only to employees who absolutely need it.
- Slice ’em up. Does your office maintain a secure IT asset disposition policy that includes routine destruction of unneeded e-waste?
- Build a fire(wall) around your network to prevent snoops or hackers from getting past the gates.
- Put portable policies in place. Telecommuters or any employee with a laptop, tablet or smartphone pose a greater security challenge. Talk to your IT team about ways you can collaborate to provide mobile access without a security compromise.
- Speak in code. Use encryption strategically. If you simply encrypt every file, it can really slow down your operations. Instead, analyze your data to determine where encryption would be the most beneficial.
- Back it up and take it away. Have a multipronged backup strategy in place that includes daily on- and offsite tape backups. Offsite tape backup provides access to uncorrupted information no matter what happens on your network. Work with a trusted third-party offsite tape storage partner to do this most efficiently—and consider encrypting those offsite backup tapes for greater peace of mind.
Iron Mountain Recommends: Get the Offsite Advantage
No matter what your data breach security plan entails, offsite tape storage should be part of this very important mix. Why? Because when your network’s defenses have been breached, your tapes will still be there.
Consider what you stand to gain from offsite tape storage:
- Rising like a phoenix. Know that no matter what problem faces your system, Iron Mountain’s data protection specialists are available 24/7 to aid in your quick recovery.
- Safe travels. The Iron Mountain secure data-transportation system provides your tapes with the ultimate in data protection best practices as they travel between your location and the offsite facility.
- Solid audit trail. Online media management software helps keep track of your backup storage tapes.
Do you have questions about data backup and recovery? Read additional Knowledge Center stories on this subject, or contact Iron Mountain’s Data Backup and Recovery team. You’ll be connected with a knowledgeable product and services specialist who can address your specific challenges.
Secure Offsite Data Storage: It Keeps You Running
Protecting Vital Business Data from Natural Calamities