Protecting Personal Information: A Guide for Business

by Staff Writer on April 25, 2013

These days, businesses are celebrating the convenience and efficiency that server-based networking gives them in their day-to-day operations. Whether they are constructed locally or online, networks enable business associates to more effectively communicate with each other and the clients they serve. Such convenience comes with drawbacks, however, as the security of information that businesses choose to store on their servers can easily be put at risk.

Many businesses deal with confidential information on a daily basis. Whether they handle bank account numbers, social security numbers, internal business communications, and/or the personal data of clients and employees, businesses often have a tremendous responsibility when it comes to safeguarding sensitive data. Even the smallest security compromise can lead to costly corrective measures, which could end up wreaking havoc on a company’s bottom line.

This guide was designed to make businesses aware of the various security risks associated with storing sensitive information on servers and over networks, as well as the steps they can take to reduce these risks. While this guide is not meant to alarm business owners and their associates, it should help them understand that remaining vigilant about securing information is necessary for ensuring such data does not become compromised in the future.

Tactic #1 – Stay Organized and Keep Things Simple

During the hustle and bustle of daily business operations, keeping information organized often takes a backseat to more pressing matters. As a result, many organizations may not realize they are susceptible to fraud and theft until it’s too late. Therefore, it’s important to set aside some quality time to review how information is stored across your business networks and explore simple ways of organizing it.

Let’s consider the case of a small business owner who provides financial planning services for local residents of the community. Immediately, the small business owner should understand that their line of business is a prime target for criminals who wish to access valuable information. Not having a steadfast organizational structure in place for client data could spell disaster for a financial institution.

Business owners should identify the sensitive files and documents they store on their servers or online and make certain that confidential information does not co-mingle with less sensitive materials. Normally, businesses have security measures in place to keep confidential information safe; by keeping this data separate from less secure pieces of information, the chances it could become compromised will decrease exponentially.

It is also important to keep sensitive information organized so only a select number of employees can access it. For example, a business may not want to store bank account numbers and client addresses in a folder that an employee with no need for such information can access. While a business owner should not be distrustful of their employees, it is always a best practice to restrict access to confidential information to those who work with it on a regular basis.

Tactic #2 – Protect All Sensitive Information

While this may seem like a “no-brainer,” you might be surprised by how much sensitive information is stored on business networks without so much as a password to protect it. Should a fraudster learn that company managers don’t adequately secure sensitive information, even the most successful business could have an unexamined liability blow up on them.

Passwords are a universal security feature for businesses. Unfortunately, even the most carefully constructed passwords are at risk of being compromised by criminals who spend their days looking for better ways to crack them. Therefore, it is essential that businesses change their passwords regularly in addition to establishing added layers of security.

Protecting information stored over networks often starts with the security of the network itself. Wireless networks are notorious for being compromised, simply because these networks can be accessed by anyone within its range (which could be someone at the cafe across the street). Ensuring that your wireless networks are securely locked down is imperative for any business that relies on networking wirelessly. This excellent article by the United States Computer Emergency Readiness Team (US-CERT) provides helpful instructions on how to keep your wireless networks protected.

Several industries, including the financial sector, are required by law to annually train and assess employees on information security. The same tactic can and should be adopted by any business that handles and stores sensitive information over its networks. Often, such training can be accomplished during a company meeting or by creating a standardized test that will assess an employee’s knowledge of keeping sensitive information safe and secure. This goes to show that a little bit of time spent on information security can save a lot of time and hassle down the road.

Tactic #3 – Safely Dispose of Unnecessary Information

When it comes to properly disposing of sensitive business information, the last place you want it to go is in the trash. Once trash is removed from the business premises, it is anyone’s guess where it might end up. Therefore, having methods in place to safely dispose of sensitive information is a great way to keep it from ending up in the wrong hands.

Many businesses that deal with sensitive information on a daily basis already have safe disposal routines in place. One of the most common methods of safely disposing of unnecessary information is to shred and recycle it. This provides two layers of protection: First, by shredding the information it becomes much more difficult for someone to access sensitive content. Second, once shredded paperwork makes it to a recycling center, it will then be destroyed and recycled, thereby erasing the sensitive information it once documented.

Some businesses implement additional security measures for hard drives and servers they no longer use. Unfortunately, simply wiping clean a hard drive or server is not enough to keep fraudsters from accessing the sensitive information it once stored. As a result, taking steps to safely destroy unused hard drives or servers is usually the best way to ensure that previously stored data can never be accessed again.

Tactic #4 – Cybersecurity

These days, it’s a given that most personal computers should have robust cybersecurity protection against viruses, malware, and other digital attacks that could jeopardize the security of their data. It only makes sense that a business should take the same precautions with their own servers and networks.

Unlike a personal computer, business computers and networks are usually accessed by several people who may have varying levels of computer literacy. Some of the most common security breaches are phishing scams. These scams typically disguise themselves as emails or websites that seem trustworthy to the average computer user. Therefore, it’s important employees of a business are properly educated on the dangers of phishing scams and the steps they can take to avoid falling victim to them.

Businesses should also be wary of malware and spyware in their quest to secure their servers and networks. The first step a business should take is to make sure their networks are adequately monitored by trustworthy antivirus and antispyware programs. Moreover, a business should also be vigilant about fully-checking their servers and networks for virus and spyware attacks by running these programs on a regular basis. For more information on the various software a business can use to protect its servers from malware and spyware, Techlicious hosts a great buying guide to help you choose which software is best for your business’ needs.

Securing Sensitive Information Is the Cost of Doing Business

Making an investment of time and money toward securing sensitive information is a lot like taking out an insurance policy for your business. While it might seem rather costly with little reward in the short-term, doing so can save your company from ruin years or months down the line.

Fortunately, taking the necessary steps to secure sensitive information stored on your business servers and networks is easier than ever. Best of all, many of the tactics outlined above require little more than an investment of your time. So, like any threat to your bottom line, information security is something every business owner should take seriously.

Categories: Advice

Previous post:

Next post: