Data security is something of a worry for any business that uses databases to store business, customer and employee information, but in reality, following some basic steps will eradicate the risk from all but the most determined of hackers. It is impossible to be 100% watertight and still have a functioning business because it just isn’t practical to have all your information stored in a system that is a standalone terminal. However, limiting your data exposure is easily achievable. Most of the time, leaks of information occur through people who have legitimate access to your data.
Anything else is usually a targeted attack and while a successful attack is a public relations nightmare, they are usually nothing more than an exercise in one-upmanship, but that is not exactly comforting. To limit the chances of data leaks causing your business, consider using a solution that has data security as part of the package. We use Dell network storage solutions that comes with a Dell security system. That works for us, but we still use the following practices.
Data Security Risk Assessment
We consider which areas are most likely to suffer a deliberate attack from both inside and outside our network, but most importantly, we assess where someone is able to alter data either accidentally or maliciously. The changing or destruction of data by authorized users is by far and away the most common way in which data damage is inflicted.
We attribute a risk value that reflects the impact of certain risks and the probability of each risk becoming an event and collate all the information to identify where our major weaknesses exist. With this information, you can actively limit risk by changing processes such as requiring extra approval systems or consolidating live records with your backed up data periodically.
Security and Data Transmission
The encryption of data should be second nature to developers, especially where software is developed with browser technology. Couple encryption with access control technology and your software should be reasonably secure. Realistically, software developers should have created software using their best practices, but the following steps are ones that you may be able to take regardless of the software your business uses.
- Use zoning to separate traffic so different networks are unable to communicate with each other.
- Physically separate networks where possible.
- Use auditing and network intrusion detection software.
- Physically separate data storage where possible or at least data backups.
This document goes into much more detail about how to secure your data and the best practices, but a risk assessment will help you minimize opportunities and reduce exposure effectively. Being part of the Dell team, I know we have a great range of network storage solutions available, which can be found on our site. Visit the site and browse the solutions on offer.