Check
Free strategy check
Digitization

How do you secure your data?

Areas such as product and business development, customer care, sales, communication and operations typically take up much of the company's focus. But one area that often gets too little attention – especially in the increasingly digital age – is data security. How do we secure ourselves? Against what? And why?

Digitization

As technology advances, we struggle to keep our privacy intact, and it becomes more and more challenging. Even our everyday technologies such as smartphones, smart TVs and refrigerators can be used for hacking and surveillance.

Technology moves at a different speed than law and order enforcement. Development is going so fast that most companies never have time to talk and make decisions about data policy and security.

But technology is not waiting for us, so we will have to take digital security more seriously.

Digitization involves a multitude of risks

The American researcher and professor of politics, Jeffrey Herbst, warns in connection with data security that we must become better at thinking:

What can my data actually be used for? Am I okay with that? One thing is certain; if you leave information, it will also be used.

If something is connected to the Internet, it is potentially open to everyone, and far from all our data is encrypted equally well. The most popular password is still "123456", and security is not prioritized enough.

According to Herbst, we forget i.a. thinking about metadata; eg. is who we call just as interesting data as the content of the conversation. Major data breaches happen simply because many companies do not know how to store data securely.

This entails an imminent risk of fines, legal proceedings and, not least, bad publicity if the accident occurs.

The threat can often come from employees

Data breaches don't just come from hackers. One survey by PwC concludes that threats and mistakes from within the company itself actually pose a greater security challenge than external attacks.

The entrance to your company's data is often your employees. It can be something as innocent as an outdated and simple password for the company email, which lets the attacker into your data warehouse.

Employees often do not think about the fact that they have sensitive data from the company on their computer or smartphone.

It is therefore necessary to have an active policy for securing the company's data, which involves the use of mobile phones - including the use of e-mail - even in leisure time, as long as it is a company phone or just a phone with access to sensitive information from the company.

But no data security works if the employees do not support it and implement it as a habit and culture. That is why habits and thought patterns are important to address.

Eg. Convenience can often trump safety. Although it may be nice for employees to use their own computer or their own phone, it entails an increased risk of cyber threats.

When the employee goes home from work, sensitive information from the company can accompany him and be accessible through personal use of the technologies. According to data research institute Ponemon human error is directly responsible for more than 80 % of all data breaches.

Have a safety strategy!

For your own sake, your company's, your employees' and your customers' sake, you must therefore have a security strategy. Prepare a strategy and action plan in the event that the accident occurs, so that you can react quickly and limit the damage.

Create an overview of which data is available to whom. In particular, customer information and intellectual property. Can access and use of data be regulated with rules – or even with technology? Ex. an administrator can give certain people access to specific functions and block everyone else.

If you know your own data, know what it contains and what it can be used for, it becomes easier to find out who is interested in stealing it - and how.

However, the most basic thing is your mindset. You must consciously think about and train your safety skills. Consider how you use data and for what.

For example, as a starting point, always be careful – preferably too careful. Change passwords regularly and allow only authorized personnel to access data and sensitive information.

Always emphasize data security and make sure to inform and educate employees rather than disciplining them. Continually forward new knowledge and information about data security to employees.

Below, we have collected a further 23 measures from entrepreneur.com, which you can advantageously implement in your company's data security:

 

Good advice for securing your data

Knowledge and approach

 

  1. Think security right away. It cannot wait, and in the worst case it can cost the company its life in the form of fines, lawsuits or bad publicity.
  2. Stay up-to-date with best practice in online security. Development is lightning fast, and you quickly run the risk of being stuck with an outdated security system.
  3. Don't collect customer data if you don't need it. A large part of data breaches can be prevented by simply not storing unnecessary information that can be misused.
  4. Protect PII (Personally Identifiable Information), which is your customers' or business partners' contact information. You can encrypt it or even not save it if it is not necessary. If this data is made inaccessible, a data hack will become far less valuable.
  5. All employees must know what type of data is sensitive, and what type can be shared.
  6. All employees must learn to use security software.

 

Behavior and use

 

  1. Make sure that no work is done in the cloud until backups, antivirus, passwords and data policy are in place for everyone. Especially for teams, it is fantastically practical to work "in the cloud", e.g. through Dropbox or Google Drive, but without caution, sharing materials in the cloud can be a minefield of risk and threats.
  2. Please avoid external hardware, such as. usb stick, as external technologies may contain harmful files.
  3. Avoid installing unauthorized software on the company's computers and phones, as these may also contain harmful files, and only download applications from well-known app stores.
  4. Use always different passwords on different systems and makes them unpredictable and strong.
  5. Employees should protect all their devices with passwords.
  6. Devices belonging to the company should delete data, if an incorrect password is entered a certain number of times.
  7. Have a backup of eel
  8. Never click on links in emails, unless you trust the sender.
  9. Use of public wireless network should not be allowed on units belonging to the company.

 

Programs and tools

 

  1. All devices should have antivirus programs.
  2. Employees should always update their devices immediately instead of waiting.
  3. Always log out after using an application that contains data, or make sure that the program itself logs the user out after a period of inactivity.
  4. Make your servers hard to break and secure your codes and passwords.
  5. Have a firewall in place on your website and in the company's digital systems.
  6. Encrypt data. Encrypting information in your database means that you must have an encryption key to view this data. Data that is sent to you – and is not from you – such as e.g. a password, can also be encrypted.
  7. Apply IP restrictions, which are restrictions on the protocol that allows data to be exchanged online between computers, to avoid the most common attacks.
  8. Antivirus and anti-phishing solutions should be integrated in the company's servers and mail systems. Phishing is a scam where the attacker lures information out of the victim online.

Related topics

forstaa_blockchain_cover
Understanding Blockchain
saadan-bruger-du-virtuelle-vaerktoejer-til-smartere-samarbejde
How to use virtual tools for smarter collaboration 

Get a free check

Fill out the form to book a 30-60 minute session. 

We will respond within 24 hours

book a lecture

Contact us today and hear about your options

Thank you very much

We have received your inquiry and will get back to you as soon as possible