Whether it’s customer or employee information, the data your business stores can be personal or sensitive. Just like you protect your buildings, inventory, and employees, you need to protect confidential information. Here are some precautions you might want to consider:
Email encryption scrambles information into an unintelligible mess of characters while it travels to the recipient. The information only unscrambles for the intended message recipient.
Many organizations avoid email encryption because it’s often seen as complicated or unnecessary. In fact, encryption is simple to set up and provides your business with protection that far outweighs the minor setup cost. Often, federal and state data breach notification laws require entities to send notifications to media or customers if a breach involves unencrypted information.
If an unauthorized person ends up with one of your unencrypted computers, tablets, phones, or removable storage disks, there’s nothing to stop them from accessing all your data stored on the machine. Full-disk encryption renders your files illegible without a correct password. This prevents an attacker with physical possession of your device from accessing the data stored on it.
A password could be all that stands between an attacker and your organization’s confidential data. Here are some tips for creating strong passwords:
- Include at least 14 characters—a longer password is better
- Contain no easy-to-guess passwords (username, dog’s name, birthdays)
- Contain no default passwords (admin, password, 1234)
- Use a mix of lowercase letters, capital letters, numbers, and special characters
Password habits are also very important. You can avoid common pitfalls with the following tips:
- Don’t reuse work passwords for personal accounts and devices, or vice versa
- Don’t tell anyone your password, regardless of who is asking
- Don’t keep your password on a piece of paper with a mobile device
Desktop and laptop computers
Today, many servers, desktops, and laptops include encryption software by default—although it may not be enabled. For example, the BitLocker full-disk encryption program comes preinstalled on most professional and enterprise versions of Windows. On Apple computers, FileVault 2 provides full-disk encryption on the latest versions of the Mac operating system.
Since mobile devices are more likely to be lost or stolen than desktop computers, mobile device encryption is critical to your security plan. Many popular mobile device manufacturers include an encryption feature in their operating systems. However, it may not be enabled by default, so you must ensure it’s on. Also consider additional security measures, like requiring a password to unlock the screen on mobile devices.
Removable storage devices
When choosing USB drives or external hard drives, look at devices with built-in encryption. For instance, IronKey encrypted flash drives provide industry-standard encryption and they self-erase after ten unsuccessful password attempts.
If you buy a laptop or USB drive without encryption already built in, you can use special encryption software to create encrypted volumes within a normal file system, or encrypt the whole device.
At Hortica, we want to assist you in protecting your business by providing the information and resources you need to help prevent losses before they happen. Contact us and let’s have a conversation about protecting your critical data.
Learn more about protecting your business, check out the Hortica Resources section.
Concerned about equipment thefts from your business? There are ways to protect yourself.
Security cameras may provide you some extra piece of mind. Check out the details.