Data Nukes

Secure Data Destruction

5 Tips for Data Protection

By

5 Tips for Better Data Protection
5 Tips for Better Data Protection

In an article to its community, MIT offered 5 tips for data protection that are valuable for small to medium business owners as well.

  • Data Security is Fundamental
    • MIT is smart in pointing out that data protection and security is crucial to their operations and all parties within the college and businesses that provide services to the college should include a review of data security processes.
    • Small to medium businesses would be wise to follow this same advice. As a business leader, if you don’t take data protection seriously, your employees and vendors won’t either – and what does that say to your customers? Better to follow MIT’s example and make data security a fundamental priority within your organization.
  • Plan Ahead
    • MIT recommends periodic reviews of data security status and policies. These policies would include access, handling and storing data safely, archiving unneeded data and policies on how to respond to data loss or breach.
    • Small to medium businesses first need to ask – do we even have policies in place to address data security? If not, then this is the first place to start. Establishing policies for data protection would also be one step towards compliance on data handling.
  • Know What Data You Have
    • MIT rightly points out that you can’t secure what you don’t know you have. So step one is identifying all the places you have data and what level of data protection is necessary to keep the data confidential.
    • Small to medium businesses also need to address all the locations where company information might be stored. This could mean old, unused data containing devices being kept in a storage facility or the employee’s laptop who works from home.
  • Scale Down the Data
    • MIT recommends only keeping the data you need for current business. Safely archive or destroy older data, being sure to remove it from all data containing devices.
    • Many small to medium businesses will take their out of use data containing devices, like CPUs, loose hard drives, servers, and laptops, and store them in a closet somewhere on the premises. They stay stored, often unsecured, because no one knows exactly what to do with them. This is probably the worst thing that a business can do because it often exposes them to fines and data breaches. A better solution would be to have a compliance plan in place that designates an outside vendor to destroy the data and provide a certification. This shifts the liability of data breach on those unwanted electronics from the company to the outside vendor. Select a vendor who specializes in data destruction, has good practices in place and carries an E&O policy.
  • Lock it Up
    • MIT points out that all the passwords in the world won’t protect your data if your data containing device – phone, laptop, tablet – are stolen. Back up your data often and keep your data containing devices locked up.
    • This is a very big concern for small to medium businesses. Theft of data containing devices does not relieve a business of liability for data breach – it actually makes them more liable if they have not taken data protection of customers’ personally identifiable information seriously. With so many employees using their own devices to do company business, the risk of stolen data containing devices increase – and this increases the liability to their employers. It would be smart for business owners to have written policies in place regarding the physical security of all devices that contain any company information, whether located in the company offices or in employees’ possession.

These are easy, relatively inexpensive tips to improve data protection within your organization. Contact us if you are interested in learning more about data destruction services for your all your old electronic data containing devices.