Posts Tagged ‘data security’

Five Key Principles of a Sound Data Security Plan

Monday, February 8th, 2010

1. Take Stock. Know what personal information you have in your files and on your computers.

Effective data security starts with assessing what information you have and identifying who has access to it. Understanding how personal information moves into, through, and out of your business and who has—or could have—access to it is essential to assessing security vulnerabilities. You can determine the best ways to secure the information only after you’ve traced how it flows.

2. Scale Down. Keep only what you need for your business.

If you don’t have a legitimate business need for sensitive personally identifying information, don’t keep it. In fact, don’t even collect it. If you have a legitimate business need for the information, keep it only as long as it’s necessary.

3. Lock it. Protect the information that you keep.

What’s the best way to protect the sensitive personally identifying information you need to keep? It depends on the kind of information and how it’s stored. The most effective data security plans deal with four key elements: physical security, electronic security, employee training, and the security practices of contractors and service providers.

4. Pitch it. Properly dispose of what you no longer need.

What looks like a sack of trash to you can be a gold mine for an identity thief. Leaving credit card receipts or papers or CDs with personally identifying information in a dumpster facilitates fraud and exposes consumers to the risk of identity theft. By properly disposing of sensitive information, you ensure that it cannot be read or reconstructed.

5. Plan Ahead. Create a plan to respond to security incidents.

Taking steps to protect data in your possession can go a long way toward preventing a security breach. Nevertheless, breaches can happen. Have a plan in place to respond to security incidents. Designate a senior member of your staff to coordinate and implement the response plan. If a computer is compromised, disconnect it immediately from the internet.

What are YOU doing to protect data security at your company? Post a comment on our blog sharing one of your techniques by the end of day Friday, February 12th, 2010 and be entered into a drawing to win a $25.00 Starbucks gift card. Share this blog with your friends so we can get their ideas as well!

Tags: , , , , , ,
Posted in General | 2 Comments »

Data Security: Clean Off the Hard Drive Before Donating Your Computer

Monday, December 14th, 2009

Are you planning to donate or sell your used computer? Before doing so consider this: deleting or trashing files and formatting hard disks won’t remove the data from the hard drive. These processes only remove pointers to the files, leaving the actual files intact, able to be retrieved by anyone with data recovery software.

Do you want your confidential information (financial, personnel, trade secrets, e-mail and more) to be viewed, and possibly used, by strangers? Before parting with your computer, first take the time to clean the hard disk.

We found a great resource that provides some ideas for cleaning your hard drive, as well as options for donating or disposing of old computers. Visit http://www.techsoup.org/learningcenter/hardware/page5496.cfm to learn more.

Tags: , , , ,
Posted in General | No Comments »