Data Loss Prevention
Preventing your data from loss or falling into the wrong hands should be a key part of your IT strategy … and day-to-day housekeeping. The consequences of such events can include breaches of confidentiality, non-compliance penalties, espionage, financial losses (to your business, employees and customers) and compromised reputation.
Get Safe Online's top tips...
-
Be aware of exactly what data is stored or replicated where, the level of associated risk and the consequences of its loss.
-
Have precautions in place to protect against data loss, theft or unauthorised replication, according to the level of risk.
The risks
-
Theft, inadvertent loss or unauthorised replication of data on portable devices (such as laptops, tablets, smartphones and USB-connected devices).
-
Data being inappropriately emailed.
-
Data being inappropriately uploaded to a website, ftp site or cloud-based storage.
-
Data being inappropriately printed.
-
Data being removed from the company on a CD or DVD.
-
Illicit removal and potential use, passing on or sale of data by departing or corrupt employees or those bearing a grudge.
Protect your data
There are a number of methods that you can use to protect your data:
-
Conduct a risk analysis by reviewing the information stored on the company network, in the cloud and on individual devices, who has access to it and the consequences of its loss.
-
Establish document classification in order to identify categories of confidentiality.
-
Control who has access to what data by setting access levels.
-
Establish and enforce clear policies about what employees can do with confidential or business-critical data. Educate the workforce.
-
Educate staff on diligence about data access authorisation and email recipient and cc lists.
-
Ban or restrict the use of portable devices.
-
Disable USB ports by either electronic or physical means.
-
Establish a clear BYoD (Bring Your Own Device) policy.
-
Encrypt corporate data.
-
Consider purchasing a commercial Data Loss Prevention solution.