Establish best practices
Confidentiality in your office stands and falls with your co-workers, service providers and clients. Here are some best practices to help you establish safer data management and more privacy awareness in your daily work routine.
Principle of Least Privilege
Intended to decrease the damage produced by a security breach, the Principle of Least Privilege limits the access of information only to users that need it for a legitimate purpose or role. The idea behind it is that data protection can be improved if it is shared only to a limited number of people who are professionally trained to manage it.
In practice, since your accounting team doesn’t handle interviews, they don’t need database access to incoming job applications. At the same time, your IT staff will not need access to the billing details of your clients to carry out their work. Thus, you should make sure that access is controlled accordingly.
The Need-to-Know policy is usually enforced by organizations dealing with classified military or governmental information. Similar to the Principle of Least Privilege on account level, it implies that even if a person has general clearance for a certain level of confidentiality, information will only be shared or discussed if it is required to perform a specific task.
If applied to your office, it means that you do not grant access rights or discuss project details only based on hierarchy levels or trust in a business partner, but by specific role and involvement in an assignment.
In short: Keep your desks tidy, lock away confidential printed documents and close your computer whenever you leave your desk so that sensitive files are not openly accessible to visitors, cleaning staff or other employees with physical access to your office.
Privacy by Design
The concept of “Privacy by Design” has been introduced to guarantee the compliance with data security and protection of a new technology from the moment of its design. Online services aiming to meet this principle are great partners for the confidentiality of your business data. Moreover, the new European data protection regulation GDPR, upcoming in 2018, includes Privacy by Design as part of the framework.
It aims to take privacy into account throughout the whole engineering process to protect the users’ privacy and give them control over their data. It stands by the idea that the future of privacy cannot be assured solely by compliance with external regulations, but it must ideally become an organization’s default mode of operation.
The seven principles of “Privacy by Design” can be summarized as follows: the approach anticipates privacy-invasive events before they happen rather than reacting to an incident; privacy settings such as encryption are enabled by default so that data is automatically protected; privacy is embedded into the design and architecture of IT systems without compromising functionality or usability; the entire lifecycle of the data is protected; transparency is sought; and user interests are treated as a priority.
Phishing is a form of social engineering used to deceive your co-workers or customers. It uses available information to "fish" for more sensitive data. E.g., your accountant might receive a very convincing email in the name of your CEO (who is on a business trip according to his Tweets) asking for online banking details or an important transaction to a business partner. The information needed to start this attack can be easily found on company websites and social media profiles.
Prevention measures to protect your business from attacks are spam filters, awareness training for your staff, formal protocols for requesting and sharing relevant business information as well as limiting the details on your employees (name, function, email, phone number) available on the company website.
Software updates help the creator of software to fix serious security vulnerabilities which can be abused to steal data or infect your system. Software updates also provide bug fixes that can improve both your user experience and online security. It is a best practice to update all the software you use on a regular base or allow automatic updates on your company devices.
Encryption helps to make any digital communication more secure; there is almost no action you can perform on a computer or mobile device today that does not involve at least a basic form of encryption. However, basic security measures are usually years behind the skills of hackers. Learn which encryption technology is on the rise and should already be part of your default data protection measures for any data.
You may have heard about it when WhatsApp introduced end-to-end encryption to their messaging service. But messaging is not the only way we share information with our colleagues or clients. Documents, voice calls, and emails include a lot of information that needs to be protected from surveillance or data breaches – hence why end-to-end encryption should be considered in all of them.
With end-to-end encryption, you don't need to trust your cloud provider blindly. Encryption and decryption happen directly on the device, so files are already encrypted before they are uploaded to the cloud. No one can access the stored data except the owner and the users authorized by the owner.
Currently, the number of services offering end-to-end encryption is, fortunately, growing every day. Here you can find a list of services providing built-in end-to-end encryption, including Tresorit, Protonmail, and Threema.
Everything starts with the security and privacy of your internet connection. HTTPS encrypts the communication channel between your device and the online service you are visiting. Make sure you submit information only through encrypted sites using the https protocol.
If the address of a website or online form starts with "http" instead of "https", you can consider this a sign of weak security efforts and avoid submitting any private information such as email addresses, credit card data, or passwords. You can set up your browser to warn you in the address bar when a connection is insecure.
Local disk encryption
Encryption in the cloud does not provide physical protection. End-to-end encryption protects data in the cloud, but you remain responsible for protecting the device where the information and files are stored. For that, disk encryption, malware protection and the use of PIN codes are essential.
Almost every operating system offers a disk encryption tool which you can use to make sure data stored on lost devices cannot be read by whoever finds them.
Restrict file access
Assessing the confidentiality level of your data also implies that you define who should be granted access and to what degree. There are several features that can help you limit the audience and the actions that can be performed with your sensitive data. Here is what they do.
If you store or share business data with an online provider, there is no reason why they should be allowed to read your files. Therefore, you should make sure that they have no means to do it by keeping your password and encryption keys strictly private.
Providers using zero-knowledge combined with end-to-end encryption make sure they can verify a legitimate user without actually knowing the password. This security measure is based on a complex cryptographic concept, but in plain words, it means that the provider has no way to decrypt the files stored on their servers.
That way, a hack or breach on the provider side cannot endanger the confidentiality of the data. It is the most consistent way to utilize end-to-end encryption, since encryption is only as strong as the integrity of the password and keys used to encrypt the files.
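The zero-knowledge login described above can be demonstrated with a common key-splitting pattern: the client stretches the password once, derives a file-encryption key that never leaves the device and a separate authentication key, and the provider stores only a hash of the authentication key. The code below is an added example written for this page, not Tresorit's implementation; the domain-separation labels and the PBKDF2 iteration count are assumptions.

```python
import hashlib
import hmac
import os


def derive_keys(password: str, salt: bytes, iterations: int = 200_000):
    """Stretch the password once, then split the result into two independent keys.

    The encryption key stays on the client; only the authentication key is ever
    sent to the provider. Deriving both via HMAC with distinct labels is an
    assumption of this example, not a specific product's design.
    """
    master = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)
    enc_key = hmac.new(master, b"file-encryption", hashlib.sha256).digest()
    auth_key = hmac.new(master, b"login-authentication", hashlib.sha256).digest()
    return enc_key, auth_key


class Provider:
    """Server side: stores a salt and a hash of the auth key per user, nothing else."""

    def __init__(self):
        self._users = {}

    def register(self, user: str, salt: bytes, auth_key: bytes):
        self._users[user] = (salt, hashlib.sha256(auth_key).digest())

    def salt_for(self, user: str) -> bytes:
        return self._users[user][0]

    def login(self, user: str, auth_key: bytes) -> bool:
        stored = self._users.get(user)
        if stored is None:
            return False
        # Constant-time comparison of the hashed auth key against the stored verifier.
        return hmac.compare_digest(stored[1], hashlib.sha256(auth_key).digest())

    def knows(self, secret: bytes) -> bool:
        """True if `secret` is stored verbatim anywhere on the provider side."""
        return any(secret in (salt, verifier) for salt, verifier in self._users.values())


def client_register(provider: Provider, user: str, password: str, salt: bytes = None) -> bytes:
    salt = salt or os.urandom(16)
    enc_key, auth_key = derive_keys(password, salt)
    provider.register(user, salt, auth_key)
    return enc_key  # kept locally to encrypt files before they are uploaded


def client_login(provider: Provider, user: str, password: str) -> bool:
    _, auth_key = derive_keys(password, provider.salt_for(user))
    return provider.login(user, auth_key)


if __name__ == "__main__":
    p = Provider()
    enc_key = client_register(p, "alice", "correct horse battery staple")
    print("login ok:", client_login(p, "alice", "correct horse battery staple"))
    print("provider holds encryption key:", p.knows(enc_key))
```

Because the provider never sees the password or the encryption key, a breach of its database yields salts and verifiers only; an attacker would still have to guess the password to reach the files.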
Manage permissions (owner, manager, editor, viewer)
Many services, especially cloud storage providers, enable you to manage access permissions for shared projects or folders. Invited users can be granted different roles such as viewer (can read the content), editor (can make edits) or manager (able to make bigger changes such as renaming, deleting or inviting more users). The owner can also revoke access anytime.
With this control feature, you can introduce best practices such as the Least-Privilege Principle and the Need-to-Know Principle in your office and make sure nobody has more access to confidential documents than the ones necessary.
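The role model above (viewer, editor, manager, owner) maps naturally onto a small permission check, and a helper that picks the lowest role covering a requested set of actions is a direct way to apply the Least-Privilege Principle when inviting someone. The following is an added example written for this page, not Tresorit's code; the exact action-to-role mapping is an assumption modelled on the description above.

```python
from enum import Enum


class Role(Enum):
    VIEWER = 1
    EDITOR = 2
    MANAGER = 3
    OWNER = 4


# Actions each role may perform on a shared folder (assumed mapping for this
# example). Higher roles inherit the rights of lower ones.
ROLE_ACTIONS = {
    Role.VIEWER: {"read"},
    Role.EDITOR: {"read", "edit"},
    Role.MANAGER: {"read", "edit", "rename", "delete", "invite"},
    Role.OWNER: {"read", "edit", "rename", "delete", "invite", "revoke"},
}


def is_allowed(role, action: str) -> bool:
    return role is not None and action in ROLE_ACTIONS[role]


def minimal_role(actions):
    """Least-privilege helper: the lowest role whose rights cover every action, or None."""
    for role in sorted(Role, key=lambda r: r.value):
        if set(actions) <= ROLE_ACTIONS[role]:
            return role
    return None


class SharedFolder:
    """A shared folder whose membership is checked against ROLE_ACTIONS on every action."""

    def __init__(self, owner: str):
        self.members = {owner: Role.OWNER}

    def role_of(self, user: str):
        return self.members.get(user)

    def can(self, user: str, action: str) -> bool:
        return is_allowed(self.role_of(user), action)

    def invite(self, actor: str, invitee: str, role: Role):
        # Only managers and the owner may invite, and nobody can hand out ownership.
        if not self.can(actor, "invite") or role is Role.OWNER:
            raise PermissionError(f"{actor} may not invite {invitee} as {role.name}")
        self.members[invitee] = role

    def revoke(self, actor: str, member: str):
        if not self.can(actor, "revoke"):
            raise PermissionError(f"{actor} may not revoke access")
        self.members.pop(member, None)


if __name__ == "__main__":
    folder = SharedFolder("owner@example.com")
    role = minimal_role({"read", "edit"})  # HR needs to read and annotate, nothing more
    folder.invite("owner@example.com", "hr@example.com", role)
    print(role.name, folder.can("hr@example.com", "delete"))
```

Granting the result of `minimal_role` instead of a convenient "manager" role keeps each invitee's rights tied to the task, which is exactly the need-to-know reasoning from the earlier section.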
If you are sharing documents with people outside your team or organization, it is not always possible to apply sophisticated permission settings as the ones described above. Revocable download links can help you to avoid the insecure upload of email attachments and - if necessary - block a link after sending the email.
But here is a word of caution: in case the URL is exposed, your files can be accessed by anyone who gains access to the link. Therefore, additional safeguards such as password protection are recommended. You can learn more about it in the secure sharing section below.
Collaboration is essential for every successful business. But sharing files outside the organization and its protected IT infrastructure bears many risks for data integrity. Learn how to protect sensitive data of different confidentiality levels when sharing with external stakeholders or employees outside your office.
Password, expiry and download limit for download links
Most businesses communicate and share attachments containing sensitive information through normal email. Revocable download links can help you to mitigate this risk and "unsend" the file if necessary.
For added security, set the day when your link expires, limit the total number of downloads, and add a password. Usually, these links are "hidden" rather than secret, meaning anyone who obtains the link can access the file. Sharing them without password protection is a risk you should not take with very sensitive files.
Next to this, it is always a good idea to share the link and the password on separate channels. For example, if you send the link via email, consider using your phone to text or call the recipient to share the password.
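The three safeguards described above (expiry date, download limit, password) plus revocation can be expressed as a small link object that checks every condition before it releases a file. This is an added example written for this page, not Tresorit's link implementation; the order of checks and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class DownloadLink:
    """A revocable download link with optional expiry, download limit and password."""
    file_id: str
    token: str = field(default_factory=lambda: secrets.token_urlsafe(32))
    expires_at: Optional[datetime] = None
    max_downloads: Optional[int] = None
    downloads: int = 0
    revoked: bool = False
    pw_salt: Optional[bytes] = None
    pw_hash: Optional[bytes] = None

    def set_password(self, password: str):
        # Store a salted, stretched hash; the plaintext password is never kept.
        self.pw_salt = os.urandom(16)
        self.pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), self.pw_salt, 100_000)

    def revoke(self):
        self.revoked = True

    def _password_ok(self, password: Optional[str]) -> bool:
        if self.pw_hash is None:
            return True  # link was created without a password
        if password is None:
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), self.pw_salt, 100_000)
        return hmac.compare_digest(candidate, self.pw_hash)

    def redeem(self, now: datetime, password: Optional[str] = None) -> str:
        """Return 'ok' (and count the download) or the reason the link is refused."""
        if self.revoked:
            return "revoked"
        if self.expires_at is not None and now >= self.expires_at:
            return "expired"
        if self.max_downloads is not None and self.downloads >= self.max_downloads:
            return "download limit reached"
        if not self._password_ok(password):
            return "wrong password"
        self.downloads += 1
        return "ok"


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    link = DownloadLink("contract.pdf", expires_at=now + timedelta(days=1), max_downloads=2)
    link.set_password("sent-by-phone")  # share this over a separate channel
    print(link.token, link.redeem(now, "sent-by-phone"))
```

The password check runs last on purpose: a revoked or expired link is refused before any password is examined, so an expired link cannot be used to probe for the password.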
Secure cross-platform access
In the times of remote work, business trips and flexible working hours, it becomes increasingly unrealistic to limit data access to the desktop computers in the company headquarters. If secure IT solutions aren’t flexible enough, it is tempting for employees to find insecure workarounds. Even CEOs and state leaders may give in to the temptation if they cannot access important information in a convenient way.
Therefore, being accessible from any desktop, web and mobile platform is a security feature itself, as it helps business users enjoy the best protection for their files and data without compromising flexibility.
Manage account access
Securing the access to your company accounts is the frontline of all security measures and should be applied to any business, no matter what information they are dealing with. Starting with a secure password for your company's Twitter account up to online banking, there are many things your IT admin and staff can do to improve the protection of your work accounts.
Strong password enforcement
Guessing easy and commonly used passwords such as "123456" is still one of the easiest ways for hackers to get access to your business data. Even the best encryption can be weakened by poor passwords. To make the job of hackers more difficult, your team needs to create good and unique passwords when using any online service.
Services enforcing the use of strong passwords notify your team members when their password is weak or commonly used and make it mandatory to choose a stronger password.
Strong passwords should be at least 8 characters long, include capital letters, lower case letters, special characters and numbers.
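A service that enforces strong passwords, as described above, needs a policy check that explains why a password was refused. The following added example (written for this page, not Tresorit's code) applies the rules just listed and a commonly-used-password check; the word list is a constructed sample, and a real deployment would load a published breached-password list instead.

```python
import string

# Constructed sample of commonly used passwords for this example.
COMMON_PASSWORDS = {
    "123456", "password", "qwerty", "12345678", "letmein", "welcome1", "password1!",
}


def password_problems(password: str, min_length: int = 8) -> list:
    """Return the list of policy rules the password violates (empty means accepted)."""
    problems = []
    if len(password) < min_length:
        problems.append(f"shorter than {min_length} characters")
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.islower() for c in password):
        problems.append("no lower case letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    # Compare case-insensitively so that "Password1!" is still caught.
    if password.lower() in COMMON_PASSWORDS:
        problems.append("commonly used password")
    return problems


def enforce(password: str) -> str:
    """Message shown to the team member on sign-up or password change."""
    problems = password_problems(password)
    if not problems:
        return "accepted"
    return "rejected: " + "; ".join(problems)


if __name__ == "__main__":
    for candidate in ("123456", "Password1!", "Tr3sor!t-Office"):
        print(repr(candidate), "->", enforce(candidate))
```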
In addition to your password, 2-step verification provides a second, randomly generated password. As your password is the key to your confidential files and data, it is highly recommended to secure it with an extra lock. Adding 2-step verification using a voice call, text message, a dedicated authentication app, or email provides an additional layer of security that makes it much harder for hackers.
Nowadays, many services make it possible for the system administrator to make it mandatory for everyone in their company.
IP blocking and domain restrictions
Using IP filtering, your system administrators can define wanted or unwanted access locations for business data. That way, they can limit data access to your office WiFi connection and block IPs from foreign countries.
This can help prevent staff from accessing work accounts via insecure WiFi connections, as well as malicious access from stolen devices or user credentials.
Limiting access and sharing only to email addresses under the company email domain follows a similar logic. Additionally, it helps limit the damage of phishing attacks where team members miss that the email they respond to looks similar, but not identical, to the real work email.
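Both controls above reduce to an allowlist check, and the domain check is more useful if it also flags addresses that merely look like the company domain. The following added example (written for this page, not Tresorit's code) decides an IP against constructed office and blocked ranges, and classifies an email address as internal, lookalike, or external; the networks, the company domain, and the short confusable-character table are assumptions.

```python
import ipaddress

# Constructed policy for this example: office networks are allowed, one known-bad
# range is blocked, and everything else is denied by default.
ALLOWED_NETWORKS = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("2001:db8:1::/48"),
]
BLOCKED_NETWORKS = [ipaddress.ip_network("198.51.100.0/24")]
COMPANY_DOMAIN = "example.com"  # assumed company domain


def ip_decision(addr: str) -> str:
    """'blocked' beats 'allowed'; anything outside the allowlist is 'denied'."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in BLOCKED_NETWORKS):
        return "blocked"
    if any(ip in net for net in ALLOWED_NETWORKS):
        return "allowed"
    return "denied"


# Character substitutions that typically fool a quick glance (assumed, not exhaustive).
_CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e")]


def _normalize(domain: str) -> str:
    d = domain.lower()
    for lookalike, real in _CONFUSABLES:
        d = d.replace(lookalike, real)
    return d


def _edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the standard two-row dynamic programme."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def email_decision(address: str) -> str:
    """'internal' for the company domain, 'lookalike' for near-misses, else 'external'."""
    domain = address.rpartition("@")[2].lower()
    if domain == COMPANY_DOMAIN:
        return "internal"
    if _normalize(domain) == _normalize(COMPANY_DOMAIN) or _edit_distance(domain, COMPANY_DOMAIN) <= 1:
        return "lookalike"
    return "external"


if __name__ == "__main__":
    for ip in ("203.0.113.5", "198.51.100.7", "192.0.2.1"):
        print(ip, ip_decision(ip))
    for mail in ("alice@example.com", "ceo@exarnple.com", "bob@unrelated.org"):
        print(mail, email_decision(mail))
```

A "lookalike" result is the case the paragraph warns about: the sharing dialog should refuse such an address outright or at least ask the user to confirm it, rather than silently treating it as external.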
Suspicious activity notifications
If a service offers automatic email or text notifications for suspicious activity, it helps a user to monitor access from unknown devices, countries or failed login attempts.
Even though there is a risk of false alarms, this feature is very helpful for getting notified and keeping you from falling victim to somebody secretly abusing your login credentials.
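The three triggers named above (unknown device, unknown country, failed login attempts) can be detected by a simple pass over a login log that builds a per-user baseline from successful logins. The code below is an added example for this page, not Tresorit's notification logic; the log lines are constructed for the example and the thresholds are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login events (not real logs): ISO timestamp followed by key=value pairs.
SAMPLE_LOG = """\
2024-05-01T08:00:00Z user=alice result=ok device=laptop-1 country=NL
2024-05-01T08:05:00Z user=alice result=ok device=laptop-1 country=NL
2024-05-01T09:00:00Z user=alice result=ok device=phone-9 country=NL
2024-05-01T09:10:00Z user=alice result=ok device=phone-9 country=BR
2024-05-01T10:00:00Z user=bob result=fail device=laptop-2 country=NL
2024-05-01T10:00:20Z user=bob result=fail device=laptop-2 country=NL
2024-05-01T10:00:40Z user=bob result=fail device=laptop-2 country=NL
2024-05-01T10:01:00Z user=bob result=fail device=laptop-2 country=NL
2024-05-01T10:01:20Z user=bob result=fail device=laptop-2 country=NL
2024-05-01T10:02:00Z user=bob result=ok device=laptop-2 country=NL
"""

_KV = re.compile(r"(\w+)=(\S+)")


def parse_line(line: str) -> dict:
    ts, _, rest = line.partition(" ")
    event = dict(_KV.findall(rest))
    event["time"] = datetime.fromisoformat(ts.replace("Z", "+00:00"))
    return event


def detect(lines, fail_threshold: int = 5, fail_window: timedelta = timedelta(minutes=10)):
    """Return (time, user, kind, detail) alerts for new devices, new countries and failed-login bursts."""
    alerts = []
    known_devices = defaultdict(set)
    known_countries = defaultdict(set)
    failures = defaultdict(deque)  # timestamps of recent failures per user
    for line in lines:
        if not line.strip():
            continue
        e = parse_line(line)
        user, now = e["user"], e["time"]
        if e["result"] == "ok":
            # The first successful login seeds the baseline; later novelties raise alerts.
            if known_devices[user] and e["device"] not in known_devices[user]:
                alerts.append((now, user, "new_device", e["device"]))
            if known_countries[user] and e["country"] not in known_countries[user]:
                alerts.append((now, user, "new_country", e["country"]))
            known_devices[user].add(e["device"])
            known_countries[user].add(e["country"])
            failures[user].clear()
        else:
            q = failures[user]
            q.append(now)
            while q and now - q[0] > fail_window:
                q.popleft()
            if len(q) >= fail_threshold:
                alerts.append((now, user, "failed_logins", f"{len(q)} failures within {fail_window}"))
                q.clear()  # alert once per burst, then start counting again
    return alerts


if __name__ == "__main__":
    for when, user, kind, detail in detect(SAMPLE_LOG.splitlines()):
        print(f"{when:%H:%M:%S} {user:<6} {kind:<14} {detail}")
```

Each alert is the point where an email or text notification would be sent; the "new device" and "new country" alerts are the ones most likely to be false alarms, so the message should tell the user how to confirm it was them or how to lock the account.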
Look for reliability
If you are dealing with confidential documents, you shouldn’t have too many copies or printed versions of them available. However, that also means you need a very reliable service preventing data loss and making sure you have access to the files whenever you need them.
Server with redundant storage
Data uploaded to a redundant system is mirrored to multiple storage nodes within one or over several data centres, creating redundant copies. This mitigates the risk of data loss and ensures high availability at the same time.
Please note: Sometimes, services operate with data centres in various countries, thus you should make sure that all mirrored versions of your data are stored in locations you agree with.
High availability & uptime
A highly available cloud application implements strategies to absorb or compensate for outages to assure the best possible uptime and availability. This means you can access the service storing your online data whenever and wherever you want, with as little downtime as possible.
Check regulations and compliance
The compliance regulations your business is required to meet need to be extended to the third parties you use to store your data. Check what you should pay attention to when picking a business service.
Whenever your business entrusts an online provider with data such as documents, communications or client databases, you need to make sure there is no room for abuse that could affect the data you are responsible for.
The location of the servers that your online provider uses to store data can have an impact on who can access your data and how well your files are protected against physical attacks. This is especially risky if your data is not end-to-end encrypted.
Tresorit runs on Microsoft Azure with servers in the Netherlands and Ireland. We chose this service because it meets the highest physical security standards so that we do not have to fear server outages and lost data (e.g. because of earthquakes) and it is certified to comply with high EU requirements.
Strict privacy laws in provider country
Strict privacy laws should protect all the data you share with your providers. Even when using encryption to protect your files and account credentials, there’s still metadata that your online service must have access to, such as your email address, credit card or location logs.
Some countries such as Germany, New Zealand, Iceland, and Switzerland are considered to provide strong privacy regulations. You can find out where your provider has their business registered on their “About us” or “Contact” page. Tresorit, for example, operates under Swiss privacy law. That way, our customers’ metadata enjoys very high protection.
Using cloud computing in the healthcare industry may be the only way to address critical IT infrastructure issues like mobility, cost, and data security. The US HIPAA regulation mandates industry-wide standards for health care information on electronic billing and other processes and requires health professionals and organizations to protect and keep patients' health information confidential.
Online services that comply with HIPAA requirements are suitable for health organizations that handle very sensitive medical data.
Therefore, HIPAA compliance is a good sign for businesses from any industry seeking high data security standards.
Have a fallback plan
If you leave your mobile or laptop unattended on the beach or in a café, your device and data can easily get into wrong hands. But there are several useful features next to disk encryption that - if activated - help you to protect confidential business data even if the device itself is stolen and cannot be recovered.
As a first and most important step to protect business information such as work emails and files on stolen mobile devices, use a long passcode and set up a short screen timeout (preferably an immediate screen lock).
Some mobile providers offer an additional setting that erases all data from the phone after too many failed login attempts. If your phone contains highly confidential information, it is recommended to make sure the data gets erased in such a case, before it is compromised.
Some apps offer a remote wipe feature, which lets you manually send a command to delete sensitive files from your lost or stolen phone or laptop while keeping a copy of the documents secure in an encrypted cloud.
Depending on the service, you may be able to submit the remote wipe command when the phone has access to an internet connection or through a text message.
You can’t find your device but remote wipe is not an option? Then unlink it from your most important business and social media accounts.
Unlinking a device gives you the peace of mind that nobody can access your accounts and cause additional damage from it. Usually, you can find this setting in the security management of your online accounts.
Here you can learn how to unlink a device from your Tresorit account.
Even those who run a digitally well-organized office may face a situation when they need an earlier version of a file (e.g. if a device gets corrupted by malware).
File versioning helps you to recover most of the content by downloading a previous version from the online service it is synced with.