5 Tips for Preventing a Data Breach in 2015
As we wrap up another year, I think we can sum up 2014 as the year of data breaches. As we look ahead to 2015, we can say goodbye to hearing about breaches every other week. Say goodbye to big name companies like Home Depot, Coca Cola, Michael’s, almost the entire state of California, and more being in the headlines and battling negative exposure. And, say goodbye to companies exposing sensitive personal and company information. We can do all that right? Unfortunately, I think that we are far from it. So, we review some basic principles that companies can focus on in hopes of preventing a data breach in the future. If you have more suggestions or more detailed tips, lets us know in the comments section!
1. Take the Time Now
Some people like to live by the phrase “If it aint broke, don’t fix it”. When dealing with sensitive company and customer information, that is not a good phrase to live by. If there is an opportunity to make your processes more secure and efficient, it is not worth the time and money to wait until “it breaks” (a data breach). Take the time to reevaluate your current processes and see where there are gaps that leave you susceptible to risk. There are a lot of solutions out there that can help protect your data, take the time to evaluate the solutions. Then take the time (and money) to implement processes that will help you prevent a data breach instead of waiting for one to impact your organization.
A good example is encrypting devices. Quite a few of the data breaches were due to lost or stolen devices that weren’t encrypted. It costs significantly less time and money to spend on encrypting all devices than it is to react to a data breach from an unencrypted laptop. In short, be proactive!
2. Replace Manual Processes
Manual processes take time, leave you vulnerable to increased risk such as human error, and lead to overspending on administrative costs. Time, risk and money. What other reasons do you need to motivate you to get rid of those spreadsheets and replace them with automated processes?!
3. Educate Your Employees
It is no secret that a data breach costs a company a lot of money. However, I am not sure that all employees truly understand the ramifications of a stolen personal record. My suggestion is to educate your employees on the risks and costs associated with exposing personal information.
Furthermore, even though some of the larger data breaches, like Target, came from external threats, a company’s own employees were causes of many data breaches this year. Continuous education on how employees should safeguard company information and assets are important to minimize breaches from human error.
4. Learn From Others
There were plenty of data breaches this year that can be used as learning opportunities. Whether it is how the breach happened or, perhaps, how a company reacted, companies can prioritize how to plan for securing data in 2015 by looking at the shortcomings of others.
For example, Coca-Cola’s data breach was due to stolen laptops that were meant to be destroyed. At this point companies have most likely implemented tools like IT Asset Management solutions to track and manage IT assets when they are online, but security tends to lag once assets go offline. These assets are still valuable and contain sensitive data so companies should implement automated workflows for managing them when they are offline to ensure all assets reach their final destination. B&L Associates released a solution this year for managing offline IT assets called AssetAware that you can check out and use to prevent a data breach.
5. Enforce strategies
What good are implementing secure policies if employees don’t follow through on them? When sensitive data is on the line, when an employee or a company cuts corners, that is when a data breach most likely occurs. By enforcing strategies, you can also get feedback on what is working and what needs to be reevaluated and improved upon.
Hopefully, 2015 will be a year when people can have peace of mind that their sensitive data is secure and assurance that companies are doing all they can to make that happen. Add your tips for 2015 in the comments. I will make a presentation out of the comments to share on SlideShare. Be sure to check out B&L Associates’ offline IT asset management solutions and learn about how you can protect data on offline IT assets. Happy Holidays!