Data breaches can spell disaster for businesses. The average financial cost of a commercial breach increased by 2.6% to an alarming USD 4.35 million over the last year alone. There may be other costs too for commercial and state entities such as loss of ability to function, reputation, and revenue.
Individuals also suffer losses of various types following a breach. These can be reputational and financial, because banking, account, or other sensitive data such as names, addresses, or social security or passport numbers can be stolen and misused.
These attacks happen, and they are on the increase, but how do you protect yourself? There are things you can do, regardless of whether you are a business owner or an individual.
Five ways to protect your sensitive data if you're a business owner
One of the many technology-related terms familiar to us is "data breach", but what does it mean?
A data breach is a security violation in which an unauthorized third party accesses a network or account. During the breach, sensitive information is viewed, copied, transmitted, or stolen.
To avoid a breach, data must be protected when it's in transit and being stored. But how do you do that? Here are some of the best ways to protect your sensitive data.
1. Use protocols and encryption on your website
What: When a customer does business with you, they provide sensitive information so that the transaction can occur. This would include name, address, and credit card details. This data is transmitted to a server over the internet, usually to several destinations within and outside your business. These transactions all need safeguarding.
How: There are a few options for you to pursue to safeguard data in transit:
- Follow compliance and vulnerability management principles that are common in your industry. For example, you can protect customer data and strengthen your data security with SOC 2, a set of five principles that comprise a cybersecurity compliance framework. You can adopt software to make this process much easier.
- Use HTTPS/SSL encryption protocols on your website or at the very least on any pages that collect sensitive data. This encrypts data as it moves from the customer's browser to the web server.
- If the above protocols are not an option for some reason, add encryption to data transfers by using a reputable VPN designed specifically for businesses.
Using these means that even if data is intercepted by an unauthorized party, it will be unreadable and therefore unusable.
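One way to check the HTTPS point above on your own pages, as an added example that is not part of the original article: the script scans a page's HTML and reports forms that collect sensitive fields but would submit them without HTTPS. The field-name heuristics, the function names and the sample page are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Heuristics for "collects sensitive data" (assumptions for this example).
SENSITIVE_TYPES = {"password"}
SENSITIVE_HINTS = ("card", "cvv", "ssn", "passport")

# Constructed sample page, not taken from any real site.
SAMPLE = """
<form action="http://pay.shop.example/charge" method="post">
  <input name="card_number"><input name="cvv">
</form>
<form action="/login" method="post">
  <input name="user"><input type="password" name="pw">
</form>
<form action="http://shop.example/search"><input name="q"></form>
"""

class FormAudit(HTMLParser):
    """Record each <form>, its action, and whether it asks for sensitive data."""
    def __init__(self):
        super().__init__()
        self.forms, self._current = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: v or "" for k, v in attrs}
        if tag == "form":
            self._current = {"action": a.get("action", ""), "sensitive": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            label = (a.get("name", "") + " " + a.get("autocomplete", "")).lower()
            if a.get("type", "").lower() in SENSITIVE_TYPES or any(h in label for h in SENSITIVE_HINTS):
                self._current["sensitive"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def insecure_sensitive_forms(page_url, html):
    """Return submit URLs of sensitive forms that would be sent without HTTPS."""
    audit = FormAudit()
    audit.feed(html)
    # An empty or relative action resolves against the page's own URL.
    targets = [(urljoin(page_url, f["action"]), f["sensitive"]) for f in audit.forms]
    return [t for t, sensitive in targets if sensitive and urlparse(t).scheme != "https"]

if __name__ == "__main__":
    for url in insecure_sensitive_forms("https://shop.example/checkout", SAMPLE):
        print("sensitive form submits over plain HTTP:", url)
```

A relative form action inherits the scheme of the page it sits on, so a login form on a page served over plain HTTP is reported even though its own markup never mentions `http://`.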
2. Secure stored data
What: Data that's not in transit is stored on some form of drive in a database or on a server. It may be in many forms, including files and documents of various formats. A hacker could gain access to it by stealing a password via phishing. Alternatively, a network or server may come under direct cyberattack or be hacked via a third-party site.
How: Your business stores customer and employee information and data that are crucial for the running of your business. Protect them by:
- Maintaining an inventory so that you know what data you have, where it's stored, and who has access to it.
- Encrypting all data. This is easier for data that is stored long-term and doesn't need to be accessed often.
- Securing your premises so that somebody can't just walk out with a laptop or even a desktop.
- Housing dedicated computers or storage devices for sensitive data in a secure and restricted area where only authorized individuals can access them.
Adopting these measures is an integral part of safeguarding stored data but is only part of what is required.
3. Protect data from unauthorized access
What: Unauthorized access could be by a hacker, an employee who should not see certain information, or even a disgruntled employee. This area of risk needs to be addressed through both authentication (who the user is) and authorization (whether the identified user should be there).
How: As with other security measures, there are several aspects to protecting against unauthorized access:
- All computers in your business should create audit logs. These allow investigators to track all activities to see who accessed what and when.
- All employees and customers must have unique passwords and usernames. Ensure your employees know they should never share theirs with anyone, including colleagues.
This is really about only giving digital keys to those who need them and knowing who accessed which areas.
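The audit-log review described above, as an added example that is not part of the original article: it builds a who-accessed-what-and-when timeline and separates authentication (the user name in the log) from authorization (whether that user is allowed in that area). The log format, the policy table and the sample lines are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed log format: "<ISO time> user=<name> action=<verb> resource=<path>"
LINE = re.compile(r"^(\S+) user=(\S+) action=(\S+) resource=(\S+)$")

# Hypothetical authorization policy: which users may touch each area.
POLICY = {"/hr/": {"alice"}, "/finance/": {"bob", "carol"}}

# Constructed sample log lines.
SAMPLE_LOG = """\
2024-03-01T09:15:02 user=alice action=read resource=/hr/payroll.xlsx
2024-03-01T09:20:41 user=bob action=read resource=/finance/q1.xlsx
2024-03-01T23:58:10 user=bob action=read resource=/hr/payroll.xlsx
2024-03-02T00:01:33 user=dave action=delete resource=/finance/q1.xlsx
not a log line
"""

def parse(log_text):
    """Yield (when, user, action, resource) for well-formed lines; skip the rest."""
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if m:
            when, user, action, resource = m.groups()
            yield datetime.fromisoformat(when), user, action, resource

def allowed(user, resource):
    """Authorized only if a policy prefix covers the resource and lists the user."""
    return any(resource.startswith(p) and user in users for p, users in POLICY.items())

def review(log_text):
    """Return (timeline per resource, accesses that fall outside the policy)."""
    timeline, violations = defaultdict(list), []
    for when, user, action, resource in parse(log_text):
        timeline[resource].append((when, user, action))
        if not allowed(user, resource):
            violations.append((when.isoformat(), user, action, resource))
    return dict(timeline), violations

if __name__ == "__main__":
    timeline, violations = review(SAMPLE_LOG)
    for v in violations:
        print("UNAUTHORIZED", *v)
```

This only works if usernames are unique and never shared, since a shared login makes the `user=` field meaningless to an investigator.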
4. Establish internal controls
What: You want to trust your employees and you probably do. However, people are fallible and may steal data or misuse or steal company money. It's also possible to leak data by accident.
How: There are steps you can take at the point of employment and later to mitigate against this risk:
- Include sections in employment contracts that prohibit employees from sharing certain specified information.
- Set up safeguards so that important files can't be deleted or overwritten.
- Monitor employees' accounts via an automatic monitoring system so that you can detect when an outside party is attempting to hack an account.
- Limit the access employees have to data so they can only see and work with the information they need to perform their job.
- Ensure that business and personal contacts in digital address books are kept separate so sensitive information is not inadvertently sent to the wrong addressee.
Human error is a reality, but these measures can help to protect against some breaches caused by a lack of awareness or lapses in concentration.
5. Be ready to deal with data breach/loss
What: Data loss and breaches aren't limited to attacks. There can be disk failures or damage and other non-malicious but damaging losses. Accept it's a possibility (almost an inevitability) and do what you can to minimize the fallout.
How: Again, the strategy for dealing with data loss after it has happened is a multi-pronged approach:
- Ensure that you do regular backups of all your data. Setting up automatic backups where possible is ideal.
- Backups should be done to an external hard drive or, for large volumes of data, to a reputable, secure offsite facility that uses encryption or to the cloud. Some costs are involved.
- Determine how you'll deal with a loss of sensitive data before it happens and who will be responsible for managing these activities. Your plan must include closing data holes, notifying appropriate parties, and launching an investigation immediately.
These will help to reduce losses and the danger that your business will be unable to carry on. Back in 2020, the average cost of a data breach in the US was an eye-watering $150 per record. This figure climbs year on year.
Five ways to protect your sensitive information as an individual
The good news for individuals is that there are several actions you can take to safeguard your personal data, and most of them are simple and free. Here are 5 tips to prevent unauthorized access to your sensitive information:
1. Secure your accounts
What: There have been an alarming number of data and password breaches and leaks that have affected organizations that many have accounts with. Examples include Twitter, Facebook, and Yahoo. You need to safeguard your data.
How: Begin by establishing if your accounts, especially social media ones, have been accessed and take it from there:
- Search for your email address using a site like Have I Been Pwned? It will check it against information on hundreds of known data breaches.
- Thinking of and remembering numerous, strong passwords becomes a challenge. Use a reputable password manager to generate and store unique and strong passwords for all your accounts.
- Use two-step authentication for as many accounts as possible. It's already a feature of many financial institutions and some other entities too. As the name implies, it's necessary to enter two items (often a password and a temporary code).
None of the above measures will cost you anything other than time. Once you set up a password manager and two-step authentication, you won't have to do anything further.
2. Protect yourself when you browse the Web
What: Everything we do online is tracked and monitored by websites and companies. As you shop, post on social media, etc., data about you is being collected. It will include information such as your location, but smart analysis can reveal a lot about you, like your gender, interests, and tastes. This makes you a target and, even less desirable than all those ads, you may be vulnerable to cyberattacks.
How: There are websites now that give you the option to decline tracking cookies. However, as you move around other sites you still leave a digital footprint for anyone who's looking to see. You should:
- Download a browser extension that blocks ads and the data they collect. Some of them also prevent malware from running in your browser.
- Install a trusted USA VPN, which hides your IP address and therefore your location and encrypts data as it moves through the VPN provider's server. A VPN is particularly important if you must rely on public WiFi.
- If you can, download an extension that automatically directs you to a secure version of a site. This helps you to avoid websites that aren't what they seem and makes it more difficult for a hacker to follow you or digitally eavesdrop.
It's essential that you select reputable extensions and a trusted VPN provider. This will involve costs, often a.
3. Keep your software and devices updated
What: Because hackers are smart and adapt to changes in operating systems, apps, and browsers, it's necessary to update them frequently. These updates are often security related. This is an important way to stay a step ahead of cybercriminals.
How: The way to handle this varies depending on what you want to protect:
- Major operating systems can carry out automatic updates, but you need to check that these updates are enabled.
- Third-party browsers such as Firefox and Chrome also update automatically unless you leave your browser open 24/7. If you do, reboot it periodically to get the updates.
- If you use third-party apps and software, check the settings. Select the automatic updates option when possible. If there isn't one, set a reminder to reboot regularly.
While none of these are particularly convenient, they make a big difference in terms of keeping security settings up to date and able to withstand the latest batch of malware.
4. Protect your laptop
What: Almost 650,000 laptops are lost or stolen at airports in the US every year. In addition to the inconvenience, the data a lost laptop contains is now in the hands of a stranger who may not be malicious but isn't you! Your files, photos, and any other information stored on the device can be accessed and used, so you need to protect it.
How: Keep your laptop with you, but in case the worst happens you should encrypt the storage drive. Follow step-by-step instructions for both Windows and Mac to set up encryption using their built-in software. Once encrypted, a password and security key allow access. Without them, data is unusable.
5. Only install legitimate software and apps
What: Every app from a third party rather than an official app store is a potential security risk; be suspicious of free apps. Pirated software that's not from the originator is a window through which a cybercriminal could crawl, track your movements, and gather data.
How: The solutions are simple. Don't download apps or software that do not come from legitimate, official sources. Additionally, delete any apps/programs you don't need. Check the privacy permissions and disable any you aren't happy with or that don't make sense.
Conclusion
When it comes to protecting your sensitive data, a little paranoia is a good thing! You need to be mindful of the security and privacy of your data. Knowing there are people out there who have dishonest designs on it will keep you on your toes.
Acting on the tips above will go a long way to keep sensitive data safe and out of the hands of cybercriminals!