How to secure your business data
By Anthony Caruana | April 5, 2013
Your business relies on data. Documents, accounting records, contracts, photos and other information is critical for ongoing operations and as records for the tax office and other authorities. So how do you secure that data? We look at three important steps.
How safe is the data in your business? What would happen if your computers were stolen? What if they were damaged in a fire or flood - a very real proposition in many parts of Australia? And what about unauthorised access to your systems?
Logical security is about passwords and access to data and systems.
An important first step in securing your data is to ensure that every computer in your business has a password that is changed regularly. A good rule of thumb for creating secure passwords is to use the following guidelines:
- Include a minimum of eight characters
- Use a combination of upper-case and lower-case letters
- Include some symbols such as punctuation
- Include some numerals
- Avoid names and words that are in the dictionary.
The other element of logical security is limiting access to data and systems to the people who need it. For example, who can access your accounts system and enter or change transactions? Restrict access to important systems so that only relevant, authorised staff can access important systems and files. This also applies to your networks.
Physical security is all about keeping physical devices safe. Even if you use robust passwords, anyone with a moderate level of computing skill can break into a password-protected computer once they have the physical device.
Some useful tools to discourage physical theft are:
- Security cameras - these can cost as little as $100 and send data from your network to a storage device. Even at this price, they are motion-activated so they'll only record images if something moves in the room
- Secure locks on doors and windows
- Security cables on laptops - most portable computers have a small slot called a Kensington slot that allows you to connect a special cable that you anchor to furniture, making it harder to remove the device.
On their own, none of the physical or logical methods we've suggested will deter a determined thief. However, a combination of two or more precautions can create a layered security strategy that will discourage many miscreants.
Every business should be backing up critical data regularly. We'd suggest that an automated backup each night is a minimum requirement.
With backups, two things are critical:
Keep your backups offsite. Assuming you create backups daily, those backups need to be removed from your premises. After all, if there's a disaster and you lose access to your systems or office, you'll want access to your data.
Test your backups. Every month or so, test your backups to ensure that you can easily retrieve data. Not only does this test the effectiveness of your backups, it also ensures that staff are familiar with the restoration process.
There are many different ways to back systems up. There are now Cloud services such as Carbonite and CrashPlan that offer offsite backups. If you prefer a local solution, you might purchase a tape system and then regularly have the tapes taken offsite.
How do you protect your business data?