Very simply, protecting stored data means stopping unauthorized people from getting to it. The purpose for their access doesn’t matter – whether it’s accidental or intentional, for corruption or infection. Safeguarding data entails knowing the possible threats, implementing layers of defense against them, and continuously monitoring everything to ensure there has been no breach.
Use multiple layers of defense
Use a multi-tier data protection model that protects the data on different levels. One line of defense is not enough to protect from all of the potential internal and external threats in existence.
Use both virtual and physical security measures
Verify user credentials before allowing access to anything – this is referred to as authentication
Secure data so that only the correct people can see it – this is encryption and security roles.
The roles a person is assigned is based on their job. If it’s not part of their job, they shouldn’t have access to it.
Use firewalls and antivirus software
Firewalls monitor inbound and outbound connections to a network. It’s important to choose one that is not only well-equipped and up-to-date, but one that also allows programmable exceptions for standard processes you have in place.
Anti-virus software is another key element of proper security, as it’s meant to prevent viruses from accessing your data. Even something as simple as a key-logger (which anti-virus programs would pick up) can steal everything you type, including usernames and passwords. Bite the bullet and buy the software you need to stay safe and protect your data.
Don’t Neglect Physical Security
Keep data under lock and key, literally. Make sure you know where your physical data is stored and who has access to it. Know who should have access and who should not, and keep a log of who accesses what and when they do it. When something happens, you can go back to your log.
Change passwords frequently
Although it can be a pain in the butt, make sure that passwords are changed on a frequent basis to minimize the chances of a data breach. Daily is too much, but month might be better. Or, if you don’t want to keep changing passwords, install a biometric system to login for you. Biometric systems have become quite popular in science-based and technology organizations. Your fingerprint is always with you and no one else can borrow it.
Stop using removable devices
Stop using removable devices on the computers. The security/IT department can even install preventive measures to prevent the computers on a network from reading removable devices, which would be the ideal scenario. This prevents people from saving data to a personal device and also prevents downloading harmful programs or data onto the secure network.
Security is important…but not that important
Security is extremely important to your organization, but make sure you don’t go overboard. This comes down to judgment, but security should not interfere with the productivity of the organization or you may cease to exist for a different reason. Make it very clear who can access what data and you’re less likely to have issues.