Cyber Security – Inside and Out
The above CNN September headline introduces their report on the biggest breaches ever. Breaches are scary, costly, subject to lawsuits, and a pain in the . . . for everyone. And yes, every business is susceptible. So, what can you do to protect your business from this frightening scenario?
Recognize that the danger is real and while the most publicly prominent breaches are consistently instigated by malicious outside parties, there is also danger on the inside, and the tide is turning. Joseph Steinberg, in this DataInsider article published by Digital Guardian, says,
“In general, the greatest data security risk is posed to organizations by insiders, as they have access to sensitive information on a regular basis, and may know how that information is protected. If they want to steal it or leak it, they can usually do so with far greater ease than outsiders. Furthermore, insiders may also accidentally leak data or otherwise put it at risk – something that outsiders typically cannot do. Whether by attaching the wrong file to an email being sent, oversharing on social media, losing a laptop or USB drive, or through some other mistake, insiders can put an organization’s data at risk with little effort.”
Preparedness is crucial – both in network security and insider security. This is not the place to cut corners.
- Use a reliable system for preventing outsider breaches. Learn the essential elements and fulfill owner/operator responsibilities.
- Consistently review all security procedures at every level.
- Train staff at every level and regularly schedule refresher classes on data security guidelines.
- Utilize a check and balance accountability system.
- Consider a zero tolerance system for blatant disregard for security requirements.
Don’t neglect your incident response plan. Being prepared is only half the battle for security. Having a specific plan of action for even the smallest of breaches is essential. If – or should we say when – a breach happens, companies who have a well-rehearsed and consistently reviewed plan ready to roll immediately will suffer the least damage – saving cost, recovery time, and reputation.
- Identify (and prioritize) assets and risks.
- Establish your procedures.
- Create a response team
- Train at every level – while responsibilities and actions will obviously be different for an entry-level employee and your CEO, everyone should be onboard and well-trained.
AllianceStaff is a business too – we understand the importance of data security. We know our clients and candidates depend on us to keep their data secure. Whether you’re looking for talent or work, you can trust AllianceStaff. Contact us today – let us help you move forward.