Every other week there is a new high-profile data breach in the media. From Target to Home Depot to iCloud to JPMorgan to Snapchat to the White House—and most recently the devastating attack on Sony Pictures Entertainment—there’s always a headline highlighting the loss of data and breach of trust.
But that doesn’t mean your business has to be one of them and suffer the staggering $3.5 million losses resulting from an average data breach.
Here are eight practices and products you can adopt today to stay out of the data breach club.
1. Map infrastructure-related risks.
Data risks today don’t solely originate from malicious hackers, even if news headlines suggest otherwise. A recent PwC study found that internal threats and mistakes now constitute a bigger challenge to business security than external ones, meaning that regardless of size, today’s businesses must control not just data on storage platforms, but on employee and business partners’ devices and accounts.
2. Understand who has access to data in your company.
Ask yourself: “What is the most sensitive, confidential data that our business holds, how is it handled, and who has access to it?” Create a spreadsheet matching data types and services to the employees and business associates who can access them. Make sure to include the two most sensitive types of data: customer information and intellectual property.
3. Set roles and permissions.
Once you’ve identified your assets, review levels of access and if they can be regulated via policy, or, better yet, programmatically. An important factor to consider is whether your content management platform of choice allows the depth of control administrators need to set roles for each specific use case within the company. It’s important that these are refined, limiting access and edit of important data to authorized staff.