Three Things You Can Do To Help Keep Your Information Assets Safe
Recently the US Government announced a data breach impacting 21.5 million Americans. This has become the rule rather than the exception. The 2015 Ponemon Cost of a Data Breach study identifies the average cost of a data breach as $3.79 million. These events have long-lasting and severe impacts. They are expensive to contain, expensive to repair and may do extensive harm to brands and relationships. At Advanced, we have made substantial investments in our infrastructure to qualify for PRISM International Privacy Plus Certification. Data security is always top of mind for us and it should be for you, as well. Here are three things you can do to help protect data in your operation.
Data in motion or at rest is provided an extra layer of protection through encryption. Use a strong encryption technology to defend networks, digital communication streams, and data in storage offline and online. HIPAA and the Payment Card Industry Data Protection Standard recognize the effectiveness of protecting data through encryption. The price of encryption software and self-encrypting drives make this risk mitigation strategy affordable. Make sure you manage encryption keys in a secure location. Limit access to areas where encryption keys are stored. It is also smart to keep a redundant copy of keys in another location, just as you would any other type of vital record.
Employee errors or lax treatment of access security like passwords are a major cause of breaches. If you don’t have the internal capacity to conduct training on information security issues, call us and we will help you locate a professional trainer who can elevate this issue within your organization. Do a quick walk through to see how many password notes are visible or easily found. Paint a vivid picture for co-workers of what would happen if your organization experienced a data breach. Employees understand how devastating a fire would be. They may not realize that recovering from a data breach may be much more expensive than a fire. Create and train on information security policies, a breach response plan, and identify an internal resource or responsible person to act as information security officer. Empower employees to act as allies in defending the organization against data breach.
Organizations that maintain an alert and active posture regarding data security monitoring are better positioned to detect an incident earlier and respond faster. Use outside sources to provide penetration testing. Make sure security patches are updated quickly and remove access to any employee who has been terminated or who has left the company. Change passwords at regular intervals and increase their length and complexity to make them harder to crack.
If you need help with information security issues, call Advanced at (323) 727-7277 or e-mail us at Cartons@advancedrecords.com.