Tag Archives: Data security

Data Security in the Cloud

Cloud computing is used by many businesses, including small to medium-sized companies. Reasons for moving to the cloud include the desire for someone else to operate and maintain infrastructure, and to use a pay-as-you-go subscription model. In spite of the draw of cloud computing, companies need to consider what data they want in the cloud, and how that data will be managed and protected. Read on to learn more about what to consider when looking for a cloud provider

 

Cloud Computing Offers Benefits and Raises Questions

 

Cloud computing is often a good way to reduce infrastructure costs by accessing computing resources remotely over the Internet. Thus, a company can leave the infrastructure and its maintenance to a provider, and pay according to resources used. Depending on the service levels, some responsibility for data management may fall on your business. This provides flexibility for you and shares the responsibility with you. 

 

According to a CompTIA guide for cloud security, recent data incidents have drawn attention especially to how a CSP handles data. But amazingly, not that many companies—small to medium-sized businesses among them—do a “deep dive” in researching a provider.  Commonly, company executives worry most about system outages and data breaches, which are concerns. However, with the amount of data generated by businesses, there are also the issues of data integrity, regulatory compliance, and disaster recovery. 

 

Considerations for Cloud Security

 

A key consideration for cloud security starts with the understanding of your service level agreement (SLA). For example, you may want to keep an archive of your email for compliance reasons; if so, ensure that is included in your SLA.  Additionally, you may want to ensure that your critical confidential and personally identifying information like bank account numbers, names and addresses and Social Security numbers are kept safe to avoid fines and loss of reputation; this may be done through encryption of the data. Some responsibility may rest on your shoulders; how long should you keep data, and how will it be disposed of?  

 

Your data is too critical not to be protected. For more guidance about what to discuss with a prospective provider, contact your trusted technology advisor today.

Business Benefits of Data Governance

Data collection by businesses is a given, and a great deal of data is collected by a business in the process of performing its functions. In turn, it can help a business perform its role. For data to be used well, it must be of top quality, be available, and kept secure. Read on to learn more about data governance for your business. 

 

Benefits of Protecting Data

 

Your company has many reasons to protect its data. For one thing, cyber criminals are waiting to get company data they can exploit, to put on the dark web or to design social engineering schemes. What if employee data was exposed, and used to compromise your company’s reputation, or the reputations of your customers? If a nonprofit’s donor data was leaked, their reputation would be damaged and they might even have to close. Businesses subject to data compliance regulations like HIPAA or GDPR have to pay fines for data breaches, and sustain loss of reputation as well–both things that safeguarding data can help avoid. 

 

How to Safeguard Your Company’s Data

 

What are things a business can do to safeguard their data? First off, a company can consistently inventory its data, disposing of content it no longer needs. Along with this practice, not saving old data in general keeps exposure risks to a minimum. Instead of keeping data on multiple servers on the premises, look to secure remote data storage to keep it safe in one place. Doing a data inventory also helps you discover what personally identifying information (Social Security numbers, birthdates) or financial (credit card numbers or electronic payment numbers) is on their computers. 

 

Having a structure for managing and using data will bring your business multiple benefits. For help with setting up your company’s policies and procedures for using and storing data, contact your trusted technology advisor today.

Examine Data Security Policies for Remote Work

Nearly a year after the pandemic closed business offices worldwide, remote work is the norm. Keeping your company’s computer network strong and secure is of great importance. Even now, businesses may want to revisit decisions made so quickly last March. Read on to learn about the most critical questions to ask in order to have a robust security plan for remote work.

 

Network Security Considerations for Remote Work

 

The usual security considerations remain important. First, how secure is your network against common viruses and malware? Ideally, definitions are as current as possible to catch the growing security threats. Is your method for access to the network still secure and efficient? Some companies can maintain a virtual private network requiring passwords; others may want to move some computing resources to the cloud. Still, varying levels of access may need to be determined, to keep data secure and bandwidth available for key business operations. For example, workers using video conferencing services need more bandwidth than employees who mostly handle email only. Another decision involves where workers will access your network; a company-owned PC connected to the company’s network is more secure than a worker’s personal computer or mobile device. 

Train Employees to Keep Your Network Secure

 

As always, employee training needs to be part of a remote work security policy. Clear rules should be set in place regarding which equipment is used for work purposes. Employees need to be reminded to be on the lookout for possible security intrusions like phishing schemes to avoid ransomware. Passwords are another key to keeping the company’s data secure; part of training includes helping employees develop strong and secure passwords and to change them regularly. While employees are often considered a weak link in security, when properly trained they can be the greatest asset. According to Gartner, “Remote workers must ensure the same, if not a greater, level of security for all company networks and data access, documents or otherwise confidential information that might be displayed on a home office computer screen.” 

 

Since remote workers expand the company’s security perimeter, you might want to re-evaluate your policies and practices. For help in refining your company’s security plan, contact us today.