Given our reliance on the Internet and the sensitive information transmitted online, security measures must be implemented. Data security over your Internet connection, regardless of whether it’s wireless or wired, is a requirement in today’s business world to protect your digital data.
Examine, if you will, the different types of data we exchange in a given day: logging into bank sites, purchasing products online, communicating with your attorney over email about a matter involving sensitive information about your business. Any single one of these activities poses potential risk individually, and can culminate in a large-scale data breach if steps aren’t taken along the way.
Compromising Data En Route
Consider how many aspects of business we conduct on a daily basis that are touched by digital technologies. Email, phone calls, Internet access and searches, smartphone or tablet access… the list could go on ad nauseam.
Correspondingly, there are numerous ways in which we connect to that data over the Internet that can be intercepted:
- Going online at coffee shops, internet cafes, or other public WiFi locations
- Using a smartphone as a mobile hotspot for our laptop or tablet
- Accessing email or other information (such as our banking app) via a smartphone
- Using a hotel’s open WiFi
- Using a neighbor’s, or a nearby business’s, open WiFi to access the Internet
These types of connections might seem harmless, but each poses its own risk. A variety of software programs exist that enable the interception of data across these networks. Programs vary in their sophistication and can fulfill a variety of tasks, some of which slowly infiltrate your network, crawling through computers and collecting passwords and data along the way. They send the collected data back to the hacker, where it can be used for nefarious purposes.
There Is No Perfect Security Solution – Only Best Practices
There is no unhackable workplace environment. However, there are measures that can be taken to remove many of the risks described above.
One of the primary methods is to use a Virtual Private Network (VPN) to create a tunnel encrypting all data between a computer and the Internet. Whether you’re using a hardwired Internet connection in your office or a wireless Internet connection, it’s prudent to use a VPN to encrypt your traffic, adding another layer of security while your data is in transit.
While VPNs address protecting data ‘on the move’, it is also important to consider protecting your documents and data where they reside on internal servers. Due diligence and research will be the key here, as there are a number of options on the market purporting to be a good solution for your business. Key aspects of protecting your in-house data will be the following:
- Ability to control access to data by all employees, and to retrieve data from their computers regardless of computer location. In other words, should their laptop be absent from the office when they’re fired, can that data be remotely erased to avoid data theft?
- Ability to track each device authorized by each individual with authorized access. Did Mary Smith authorize more than one smartphone to access her folders on the network? Did your IT department receive an alert concerning the second authorization as suspicious so they can discuss it with her?
- Ability to retrieve deleted files. Employees planning to do damage just before quitting and/or moving to a competitor might maliciously delete files. It’s prudent to keep backups that enhance your ability to retrieve deleted files going back some amount of time.
- Encryption of data exchanged. Data can be encrypted in several ways, but AES 256-bit encryption is a currently acceptable standard of encryption for exchanging information between a data server and your computer.
- Protecting cloud data. When choosing to use cloud-based data storage services, dig into their privacy agreements and terms to determine whether their employees can access your data stored on their servers. That your data is encrypted on your own computers doesn’t necessarily mean it is encrypted on theirs.
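The device-tracking item in the list above can be turned into a concrete check. The following is an added example, not code from the article or from any particular product: it assumes a hypothetical event log of authorize/revoke records and an assumed policy of one active device of each type per user, and it raises an alert when someone like Mary Smith authorizes a second smartphone.

```python
from collections import defaultdict

# Constructed sample events: (timestamp, user, action, device type, device id).
# The field layout and all values are hypothetical, made up for this example.
EVENTS = [
    ("2024-03-01T09:00", "mary.smith", "authorize", "smartphone", "phone-A1"),
    ("2024-03-01T09:05", "mary.smith", "authorize", "laptop", "laptop-L7"),
    ("2024-03-02T08:30", "john.doe", "authorize", "smartphone", "phone-B2"),
    ("2024-03-03T12:00", "john.doe", "revoke", "smartphone", "phone-B2"),
    ("2024-03-03T12:10", "john.doe", "authorize", "smartphone", "phone-B3"),
    ("2024-03-04T22:41", "mary.smith", "authorize", "smartphone", "phone-Z9"),
    ("2024-03-05T10:00", "mary.smith", "authorize", "smartphone", "phone-A1"),
]

MAX_PER_TYPE = 1  # assumed policy: one active device of each type per user


def find_suspicious_authorizations(events, max_per_type=MAX_PER_TYPE):
    """Return an alert for each new device that exceeds the per-type limit."""
    active = defaultdict(set)  # (user, device type) -> ids currently authorized
    alerts = []
    # ISO-style timestamps sort correctly as plain strings.
    for ts, user, action, dev_type, dev_id in sorted(events):
        devices = active[(user, dev_type)]
        if action == "revoke":
            devices.discard(dev_id)  # a replaced device frees its slot
            continue
        if dev_id in devices:
            continue  # re-authorization of a device already on record
        if len(devices) >= max_per_type:
            alerts.append({
                "time": ts,
                "user": user,
                "device_type": dev_type,
                "new_device": dev_id,
                "already_active": sorted(devices),
            })
        devices.add(dev_id)  # still record it so later events compare correctly
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_authorizations(EVENTS):
        print(alert)
```

John Doe's replacement phone produces no alert because the old one was revoked first; only the second smartphone added alongside an existing one is flagged for IT to follow up.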
Danger Lurks Everywhere, A Little Housekeeping Goes A Long Way
Having addressed protecting data when it’s moved or stored digitally, we must discuss what happens to data on hardware.
When your company is ready to phase out old hard drives, it’s important to dispose of them properly and to remove all identifying data that could be retrieved from these drives. Reputable services exist that will do this for you, much in the same fashion that shredder services will come pick up your papers for shredding.
However, there are also software programs that can be purchased that will perform a seven-pass rewrite of the drive, which most computer technicians agree makes data retrieval almost impossible if done correctly. A properly performed seven-pass data rewrite will overwrite every sector of the hard drive platter seven times. It should be noted that newer drives that use solid-state media, as well as USB-type drives, can be resistant to such techniques and often allow for data retrieval despite multiple data rewrites.
On the topic of USB drives, that particular form of media has become a real threat to security due to an undetectable malware vulnerability disclosed at a recent Black Hat conference by several researchers. This malware can survive formatting of the USB drive and will wreak havoc once it has infected your computer and begins infecting your network.
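To show what a multi-pass rewrite does mechanically, here is an added example (not from the article or any commercial wiping tool) that runs seven overwrite passes over a constructed disk-image file standing in for a drive and then reads it back to confirm a planted marker is gone. The pass patterns are an assumption, since the article does not specify them, and the solid-state caveat above still applies to real hardware.

```python
import os
import tempfile

CHUNK = 64 * 1024
# Assumed pass schedule (the article names no patterns): six fixed-byte
# passes followed by one pass of random data. None means "random".
PATTERNS = [b"\x00", b"\xff", b"\xaa", b"\x55", b"\x00", b"\xff", None]


def overwrite_image(path, patterns=PATTERNS):
    """Overwrite every byte of `path` once per pattern; return passes done."""
    size = os.path.getsize(path)
    with open(path, "r+b") as f:
        for pattern in patterns:
            f.seek(0)
            remaining = size
            while remaining:
                n = min(CHUNK, remaining)
                f.write(os.urandom(n) if pattern is None else pattern * n)
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push this pass to storage before the next
    return len(patterns)


def residue_found(path, marker):
    """Read the image back and report whether `marker` still appears."""
    with open(path, "rb") as f:
        return marker in f.read()


def demo():
    """Build a constructed image with a known marker, wipe it, and verify."""
    marker = b"ACCOUNT-0000-CONSTRUCTED"  # constructed sample data
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(os.urandom(100_000) + marker + os.urandom(100_000))
        path = tmp.name
    try:
        before = residue_found(path, marker)
        passes = overwrite_image(path)
        after = residue_found(path, marker)
        size = os.path.getsize(path)
    finally:
        os.remove(path)
    return before, passes, after, size


if __name__ == "__main__":
    print(demo())
```

The read-back check is the part worth copying into any disposal procedure: a wipe that is never verified is only assumed to have worked.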
If It Was Easy, Everyone Would Do It
The weakest link in any business is its people, not necessarily its equipment. The predictability of people is easy for hackers to prey upon. Safeguarding your data means, at times, using techniques that can be cumbersome, but reinforcing the importance of such practices with your employees is vital to protecting your business and your data.