Data Privacy Day: Follow these best practices for data protection
Written by Darla Palmer-Ellingson in Business Technology for Your Business
Today, with nearly every industry reliant on technology and computing services, digital data is one of the most critical assets of a company. The loss, corruption or exposure of private data can result in lost time and money, and potentially damage a company’s reputation.
Best practices regarding data privacy and Internet security have evolved and improved in recent years. Following them will help individual employees and businesses keep their data safe and secure. With Data Privacy Day being observed on Jan. 28, now is a great time to ensure your company’s policies and procedures are up to date.
“We live in an ever-changing digital landscape, with hackers always attempting to gather access to our information,” says John Ketelhut, IT Manager at Arvig.
Use a Trusted Hosted Provider
Cloud computing has made it cheaper and easier for small businesses to host their data and applications remotely, as opposed to a company running servers and storage devices on their own premises.
Providers typically offer very reliable and secure services, but every business owner must ensure they choose a trusted host. Arvig’s Managed IT Services reliably backs up business customer’s data, and provides a full complement of disaster recovery features. Backup and data recovery solutions are designed to quickly revive your network following unplanned downtime to ensure your business is up and running as quickly as possible.
Arvig’s experts, located in Minnesota, proactively monitor and troubleshoot the network handling your data 24/7/365, maintaining business continuity.
Back Up Data Securely
Since a company’s data is so valuable, it’s important to make regular backups of all key databases and repositories. Backups should be tested regularly to make sure the data you need is actually there and usable.
Managed IT services, such those offered from Arvig, can help with this process. If possible, backup copies should be distributed geographically, so if a company’s headquarters is impacted by a natural disaster or power outage data can still be retrieved from an alternative location.
Cloud hosting providers often offer complete backup solutions that are priced according to the volume of data and speed of data recovery. When designing a system for data backups, your company’s IT leader should ensure that any remote files are secured and only accessible to users who would need to work with the data in case of an incident.
Offer a VPN Service
Many businesses rely on a virtual private network (VPN) to allow people to access corporate resources from remote locations. With a VPN, your employees must authenticate with their personal credentials to create a secure channel between their computer and your company’s local network. This ensures that all data transfer between the two locations cannot be obstructed or corrupted by a third party.
Stay Suspicious With Email
With so much of a company’s communications happening over email, it is crucial for all employees to be aware of email best practices. The key concept is to always be suspicious when opening an email message, especially if you do not recognize the sender’s address.
Spamming and phishing continues to affect a wide majority of Internet users, and these types of messages will often be disguised to appear legitimate. You should never open an email message that looks like it could be dangerous, and especially not if it contains an attachment or external link. Always report these messages to your local IT expert to ensure your data remains safe.
Be Safe When Browsing
The browser is every user’s portal to the wider Internet. If employees are not diligent when using internal and external websites, your company’s data could be at risk.
“Be careful what you click on when browsing websites,” Ketelhut says. “Avoid lesser-known websites if you can. Also, be on the lookout for any websites that appear to be misspelled or appear to be just a bit off.”
Passwords are the primary method for securing information online. When you use a web browser at work, be sure to choose complex passwords with numbers and symbols, and avoid using the same password for every website. In addition, if a site offers two-factor authentication through a mobile phone, always enable the option to better secure your data.
If you are shopping online from work or are using a credit card for another reason, ensure that the website has a valid secure socket layer (SSL) certificate. The lock symbol beside the website’s address will indicate whether your browser session is secure. Companies can improve their own Internet security by implementing SSL encryption for all public-facing websites that they host on their own resources.
Monitor External Devices
Instead of providing each employee with a company-owned phone, many businesses allow staff to bring their own smartphones and tablets into work for connecting to the corporate network and data. This is a cost-efficient practice, but it adds risk as these devices will all be running different operating systems and applications. It is important to enforce some basic security rules for all outside phones and tablets.
A device should only be allowed on your corporate network if it has a strong passcode or fingerprint protection. A company should also protect itself from rogue flash drives and other external media that could potentially contain dangerous viruses or malware. A strong virus scanner is recommended to run on all desktop and laptop computers in order to identify and remove digital threats.
Look Out For Social Engineering
Instead of directly targeting a company’s servers and IT infrastructure, some cybercriminals will attempt to use social engineering tactics to infiltrate themselves into a secure environment. These attacks can happen through email, over the phone, or in person. The criminal will typically pose as someone else and use persuasion to gain credentials or information from an unsuspecting employee. You must remain alert for these types of threats and never provide passwords or other crucial company data unless you know the true identity of the individual requesting it.
Employ Strong Anti-Virus Protection
Anti-virus and anti-malware protection—also called endpoint protection—is one of the first lines of defense in protecting your data. Not only can this software prevent some attacks, it can also isolate and wipe viruses from systems should they become infected. Make sure that all current updates are installed for your anti-virus protection, and that it is performing regular checks of all drives on your system.
Data Privacy Day is an annual reminder to review and revise how your company’s data is protected. Your data is never 100 percent secure. But you can take steps internally, and with a managed services partner like Arvig. It’s crucial to take steps internally, and with a managed services partner like Arvig create a multi-layer approach to protect data. That includes a good backup and recovery plan that will keep you prepared for when disaster strikes and ensure continuity of business operations.
For more about data privacy on social media, see our infographic here.