Top 5 Tips for Data-centric Business Security
Data security is one of the hottest tech topics of 2015. Cyber criminals continue their malicious ways with sensitive consumer data and businesses continue to become more and more dependent on using sensitive data. It’s more important than ever to understand how to keep sensitive data safe and secure within corporate systems, and as it flows beyond the enterprise digital boundaries.
Here are five tips for keeping your business data secure the data-centric way:
1. Make it a Mission
A focus on data security should start at the top. Terence Spies, CTO at Voltage Security, offers this tip: “Get senior management buy-in to data protection as a core business value.”
We recommend getting this crucial buy-in from the start. Security and IT need to work together as a team to build security into the core infrastructure as early as possible. Take the time to revisit your corporate values and ensure that data security is part of the overall corporate focus and mission.
2. Get Organized
To protect your company’s data, you need first to know where it is. Sensitive data, such as private employee, customer and/or patient information is probably lurking throughout your company’s applications. Build and maintain an accurate map of sensitive data repositories and create operational policies for the organization to follow. Stay organized by following proven development techniques.
As John Weald, VP of Engineering at Voltage Security points out, “When deploying, start with one application that either receives sensitive data or stores sensitive data.” Continue from that point to assess and secure adjacent applications that deal with sensitive data.
3. Use Proven Data Protection Methods
Always use standards-based and proven data-centric techniques to protect your sensitive data. For instance, when it comes to sensitive data included within emails, Michael Osterman, founder of Osterman Research Inc., says, “Sending sensitive or confidential information through email without encryption is tantamount to posting private information on a bulletin board. Encrypting email, whether manual or policy-based, is a critical best practice and should be implemented for all users in every organization.”
For end-to-end protection of sensitive emails and attachments use Voltage SecureMail™ with Voltage Identity-Based Encryption™ (IBE). IBE solves the traditional key management, operations and scalability challenges.
4. Educate Your Team
There are some basic best practices that all employees involved in secure data should be aware of. Informing them of regular anti-virus and firewall updates, and data de-identification strategies such as tokenization and encryption, can help address accidental data breaches down the line.
It’s important to make time to discuss security with employees. According to Balaji Ganesan, the Senior Director of Enterprise Security Strategy at Hortonworks, “It’s like taming the elephant. Don’t run away from the security discussion.”
Make data security education a vital part of every new employee’s training to ensure consistency across the company.
5. As Needed Only
The more often you access sensitive data, the increased possibility there is that data will be leaked or unintentionally left unprotected. John Weald offers our fifth and last tip: “Protect sensitive data when it is created but only access sensitive data when absolutely necessary.”
It’s an unfortunate reality that cyber criminals are out there looking for ways to take advantage of your sensitive data. It’s up to all of us to take the steps necessary to keep sensitive data safe and secure. Voltage Security can help.
What are your biggest concerns about data security? What other tips would you add to this list? Share your tips with us in the comments below.