Every organization that uses computers is at risk of data corruption or data loss, and for many organizations such an event could spell catastrophe. While it may not be possible to protect data from every possible attack, there are many steps you can take to protect it within reasonable means. This article is intended to be only a basic guide to protecting your data.
- Physical access should always be considered a first line of defense and computing equipment should always be located behind closed doors with access limited only to necessary personnel.
- Utilize network security to the extent possible for devices that permit access from outside the organization. Utilize firewall and intrusion protection devices. Ensure default passwords are changed on all devices. Ensure wireless access is secured utilizing the most secure protocol available.
- Limit access to data to only those who need to access the data. A Domain Administrator does not necessarily need access to all data. Utilize file share permissions to ensure data is not readily available to unauthorized users. Do not leave computers unattended while logged in – lock the console if you must step away. Encrypt all data that could be considered confidential.
- To ensure a valid audit trail, do not allow users to share accounts, including the Administrator account. Disable guest accounts and limit the number of staff who have administrative access.
- Implement a good password policy. Require password changes every 90 days and require passwords to contain at least 8 characters, including one upper case, one lower case, one numeric and one special character.
- Ensure server operating systems and applications are patched routinely so that vulnerabilities that have been discovered are closed.
- Utilize antivirus software on all servers, desktops and laptops. Any foreign device connected to the network can be a source of infection. Develop and enforce a security policy regarding personal devices such as personal laptops or tablets connecting to the network.
- Back up all important data and complete scheduled, routine restores to ensure data integrity. Backups serve no purpose if the data restored is not viable.
- If servers are outsourced to a provider, ensure the provider is aware of your security needs and requirements. Require your provider to complete a penetration test and provide documented results.
- Engage in a yearly risk assessment by an outside firm. While it is prudent to conduct internal assessments routinely, an assessment by internal resources may reflect bias.
If your organization’s employees rely on data to do their jobs, make an effort to do all you can to protect that data. To make sure you are protecting your data, or if you have questions, or for more information, contact Volta’s Professional Services team.