#1 – Know where your sensitive data is
It is important that you understand where your sensitive data resides and that it is stored behind the correct access controls. Ensure that it is separated from the everyday files and folders that are accessible to anyone.
#2 – Limit the number of privileged users
Ensure you grant access only to users who actually need it, and ensure they have been adequately vetted. This may involve running background checks or ensuring they’ve been with the business for a period of time before allowing them access.
#3 – Monitor user activities regularly
Ensure you have a proactive and continuous approach to auditing your users. Ensure you can keep track of both system changes and file/folder level changes.
#4 – Implement strict data encryption procedures and authentication policies
Ensure that your most sensitive data is encrypted. This will mean that should data ever leave the organization, or a material breach occur, at the very least you know that whoever obtains it won’t be able to do anything with it. It’s also highly recommended that data is placed behind a comprehensive authentication method, such as two-factor authentication.
#5 – Train your IT staff
One of the biggest causes of data leakage is people. Often there is a lack of understanding as to good practice when it comes to handling sensitive data – this can potentially lead to data leaks. To counter this, make sure you have adequate training in place on how to handle and manage data in the business.
#6 – Ask your employees and partners to sign a non-disclosure agreement
Should you need to share data outside the business, ensure that you get all parties to sign a non-disclosure agreement. It should also be common practice to check with the relevant departments that the data is allowed to be shared.
#7 – Destroy unwanted sensitive data
Ensure your sensitive documents, irrespective of age, are appropriately deleted or backed up when needed. Ensure any old hardware such as disks or USB drives is wiped and checks have been made to ensure the data is no longer available.
#8 – Secure your endpoint devices
With the advent of Bring-Your-Own-Device, it’s more important than ever before to ensure policies are in place to secure endpoint devices that have access to your IT infrastructure. This may mean ensuring access via a secure VPN or deploying a network access control solution. Make sure endpoint devices have adequate levels of security inherently within them before you allow them to access confidential data.
#9 – Ensure you have an adequate perimeter
Ensure you have adequate solutions in place to keep track of content being sent and received by email or instant messaging. Make sure you have a way of keeping track of what data your employees are copying to USB drives. If there are specific departments that are handling sensitive data, they should have extra levels of security to safeguard it.
#10 – Expect what you inspect
A key way of mitigating the risk of data being leaked is ensuring that you have adequate tools in place to audit and monitor both file/folder-based activity and privileged user activity. Make sure it’s public knowledge that such solutions are present within the organization, as this can serve as a deterrent.
Don’t Become a Headline
Data breaches are happening more frequently than ever before, so you can’t assume it won’t happen to you. As the value of data increases, so will the amount of cybercrime, and this creates a problem for organizations of all sizes. Ensure you have a proactive and continuous approach to auditing and monitoring your sensitive data. You may be surprised at how cost-effective some third-party auditing solutions are – they are certainly a lot cheaper and far less embarrassing than a data breach.