Keeping Your Data Safe

Security and privacy are hot topics these days, and for good reason. Unethical sharing of data and data breaches can lead to all sorts of unwanted outcomes. We all know that eerie feeling of seeing a targeted ad for something on your phone after you were just talking about it, but compromised data can be used in more damaging ways too. For that reason, even if your company isn't an expert in data security, you need to understand how to keep your sensitive information safe. That’s why in the following blog we’re exploring data protection and how to protect your data from hackers and loss.   

What Is Data Protection?

Data protection is the act of safeguarding all of your important data from being corrupted, lost, or compromised. Furthermore, data protection should allow you to restore data that is lost or corrupted to its previous state. One of the main benefits of data protection is that even if you cannot prevent data corruption from happening, you can proactively mitigate the damage. To get a better sense of how data protection works, let’s take a look at 5 methods of protecting data.

1. Backups - Backups provide a certain level of protection, especially if data is lost. While backups shouldn’t be your only line of defense, they are a key component to a comprehensive data safety plan.

2. Data Replication - Similar to backups, data replication consists of creating multiple copies of data and storing them in different physical and digital locations. That means if one is compromised, another copy can be accessed.

3. Encryption - Encrypting or encoding data is a way of ensuring that only authorized personnel can access data by creating a “key” which deciphers or decrypts the data.

4. Access Control - The idea behind access control is to only allow necessary access to specific data. For example, sensitive data does not need to be accessible to everyone in an organization, just those who specifically need that data to do their job.

5. Authentication - Currently, many websites and applications require two-factor authentication, which sometimes consists of entering login credentials and receiving an access code via text or a confirmation phone call. Obviously, the more robust the authentication process, the more safe the data is.

Why Is Data Protection Important in Your Place of Work?

Data protection in the workplace is important for several reasons. For starters, you have a moral obligation to protect client data and respect their privacy. But beyond that, there are more concrete reasons data security matters. The main ones are compliance, reputation, and repercussions.

Compliance

There are multiple national and global governing bodies that require certain levels of data security and specific data protection practices. Some of these regulations include:

• The National Institute of Standards and Technology (NIST)  is responsible for developing and distributing government and private sector standards for technology.

• The International Organization for Standardization (ISO)  develops global standards for technology and other systems.

• The Payment Card Industry Digital Security Standard (PCI DSS) is a set of standards pertaining to credit cardholder information.

• The General Data Protection Regulation (GDPR)  addresses a broad range of data and technology protection standards in the EU.

• The California Consumer Privacy Act (CCPA)  governs California’s consumer privacy and data protection.

• The Health Insurance Portability and Accountability Act (HIPAA)  protects health data and information.

• The Federal Risk and Authorization Management Program (FedRAMP)  provides guidelines for assessing cybersecurity risks and threats.

• The Federal Information Security Management Act (FISMA) is a framework that helps define security actions pertinent to cyber threats.

Governing body websites to reference:

• PCI DSS- Official PCI Security Standards Council Site

• GDPR- General Data Protection Regulation (GDPR) – Final text neatly arranged

• CCPA- California Consumer Privacy Act (CCPA)

• HIPAA- HIPAA for Professionals

• FedRAMP- How to Become FedRAMP Authorized | FedRAMP.gov

• FISMA- Homepage | CISA

Reputation and Repercussions

Beyond remaining compliant with statutes and regulations, prioritizing data security is a big part of your company’s reputation with clients. Data breaches can quickly destroy trust in your brand and diminish your authority with customers. Beyond that, though, there can be serious repercussions in the form of legal action, lost business, and reparations.

Take the Yahoo data breach as an example. In 2016, Yahoo announced that more than 500 million user accounts had been exposed in late 2014. At the time this was announced, Yahoo was on the verge of being acquired by Verizon. This data breach caused a 350 million dollar decrease in Yahoo’s valuation. What’s more, Yahoo agreed to a 117.5 million dollar class action settlement to pay affected parties in 2019. While this example might seem extreme, it is a cautionary tale of why data security is a top concern for so many companies.

Moser…Helping You Decide How To Protect Your Privacy    

Like we mentioned earlier, you don’t have to be a data security expert to follow data protection best practices. At Moser, we have spent the last 25 plus years helping IT companies navigate all the challenges that come their way. We can help you fill the gaps and provide insight and direction for all of your organizational needs. Check out our offerings here, or contact us today to learn more about how we can help you!