It seems like every week, there is a new story grabbing the headlines about a major corporation that has had their data stolen. Cyber thieves no longer prey upon just small to mid-sized companies anymore, but very large ones as well. In this blog, we will discuss exactly what a data breach is and how you can protect your company against becoming a criminal’s next target.
What Is A Data Breach?
A data breach is a failure in cyber security, whereby a company’s confidential, sensitive and protected information is accessed by an unauthorized party. Data breaches are not always perpetrated by outside forces, as many have taken place inside a corporation by unscrupulous employees.
Unfortunately, many company employees still use passwords that are very simple to figure out. Because people create passwords that are easy for them to remember, they often use ones such as “123456”, “password” or the name of their company. Implementing a comprehensive password strategy companywide is the first step in protecting sensitive, corporate data. Industry experts advise that passwords should be made up of at least eight characters, using a random assortment of upper and lower case letters, numbers and grammatical symbols. In addition, corporate computer systems should be set up to force employees to change their passwords every 3-6 months.
Set Up Levels of Authority
It sounds simple, but sometimes data breaches occur because too many people have access to sensitive information within a company’s structure. Set up authority levels within your business, so that a limited about of employees are able to see sensitive data on a regular basis. In addition, be sure to have your company’s HR and IT departments immediately block system access on any employees that resign or even worse, get let go from the organization.
Boosting Email Security
One of the most common forms of cyber crime is email phishing. With phishing, online thieves access highly sensitive information and data via corporate email systems. Usually posing as a legitimate and trust worthy email sender, phishers illegally dupe mail recipients into sending them very sensitive information such as login credentials, bank account information and other highly sensitive data. Phishing emails can usually be identified by their generic subject line greetings and urgent requests for highly private information. These kinds of attacks can be greatly minimized by only giving out company email addresses when needed, conducting ongoing employee training and always being on the lookout for suspicious looking email addresses from senders.
When it comes to the topic of how to avoid a data breach, there are a number of strategies that companies can utilize to help themselves guard against information thieves. By setting up a standardized password protocol company wide, implementing data access levels of authority, guarding against phishing attacks and performing regular data backup, companies can be well on their way to minimizing their vulnerability to cyber crime. Be sure to perform a risk assessment on a regular basis to identify any weak points in your cyber security chain.
Still have questions? contact us