Many companies today recognise that their data is their most valuable asset. But even high profile enterprises don’t always manage to secure their data optimally. We’ve seen devastating data breaches cause financial, reputational and legal losses, destroying customer trust in a flash. And with data protection regulations becoming increasingly strict, properly protecting company data from malware (malicious software), ransomware and other threats is absolutely imperative.
Build a strong data fortress
Stopping malware before it gets in and steals, changes, monitors or deletes your organisation’s valuable data is first prize. A well-implemented data security strategy can prevent unauthorised access to your systems. Make sure it covers your network infrastructure, servers, computers and files – whether these are onsite, offsite, or in the cloud. Your data security strategy should include these two aspects:
- Digital infrastructure – The digital controls that can stop malware from getting in:
- Anti-virus, anti-spyware and anti-ransomware protection
- Access controls
- Data and user access encryption
- Network security
- Keeping operating systems, tools and apps up to date with the latest security patches.
- User education – Raising awareness about malware amongst your staff:
- Know what to be suspicious of, e.g. links, unsolicited attachments, unknown senders.
- Know what to do if you accidentally fall into a malware trap, e.g. no shaming but quick action, disconnecting machines immediately, ensuring the IT hotline contact information is easy to access.
Even with all these in place, malware can still creep in. If the worst happens, how can you minimise its impact?
Backup your data properly
Data storage describes how and where you store the operational data that is currently in use by your business. A data backup is a secure copy of this data, stored elsewhere. Many data security vendors save more than one backup for their clients, in multiple locations, either onsite, offsite or in the cloud. Data backups run frequently – usually every 24 hours at least, but sometimes several times a day when large volumes, or critical or very sensitive data are involved. Backups usually contain data from a relatively short period – think days or weeks, not months or years (the latter is where data archives come in).
When a data disaster strikes, restoring backed-up data will return your company’s system quickly to the state it was in when the data was last backed up.
After a data incident, data backups will:
- Recover the most current version of your operational data.
- Reduce the costs, downtime and other negative results of business interruption.
- Reduce recovery time and help your organisation bounce back faster.
7 guidelines for data backups
- First figure out what needs to be backed up and how often this should happen.
- Make sure your data is backed up to more than one place (on-site, off-site, cloud). Offsite backups are completely separate from your network so will be completely safe if your network is compromised.
- Consider backing up your data in more than one format. (Ask a data security specialist what is best for your organisation.)
- Ensure your backups are encrypted, incredibly secure (backups need firewalls and protections too), and subject to strict access controls and protocols. Only a handful of trusted people should have access to your backup facility.
- Make sure your team members know where and how to save their data in order for it to be backed up.
- Have a process in place to recover backed-up data once a threat has been eliminated. Know who is responsible for this process and make their contact information readily accessible.
- If an incident occurs, know how long it will take to get everything up and running once it’s safe to do so, so that you can manage expectations around downtime.
Consider working with a specialist, reputable data security advisor for something so important. They know much more about it than you probably do and it’s worth getting expert advice. A data specialist will also know exactly what data protection and privacy regulations apply to data storage. They can help you guarantee your backups are fully legally compliant. And having a specialist handle a crisis for you will also make data recovery quick, easy and a lot less stressful.
This guest post was written by Michael Queenan from Nephos Technologies