In a recent data security guide published by the Better Business Bureau (BBB), the organization has outlined a checklist for taking an inventory of personal and company data and making sure it is securely backed up. Following are some of their suggestions that can help your company make sure all of their “data ducks” are in a row and accounted for – as well as safeguarding against data loss in its many forms.
Step 1: Categorize and organize your data types
Identify and Document all Customer and Vendor Contact Information
- Names, addresses, phone numbers, email addresses, etc.
- Payment information
Identify and Record Transaction Numbers and Amounts
- Include account, invoice numbers and other numbers used to track transactions
- Document each kind of transaction and its associated amount
Step 2: Identify the way data is stored and where
Consider the Data Format
- Will the data be recorded and saved on paper?
- Do you receive information through email including attachments?
- Are you planning to store data in databases or spreadsheets?
Review Data Storage Options
- Will data be stored in physical file cabinets?
- Does data have to be stored at various offices?
- Are you planning to store electronic data on laptops/desktops, server drives, external hard drives and/or in the cloud?
- Will copies of data reside on smart phones, tablets, or thumb drives?
Step 3: Determine how the data will be transmitted and transported
- How sensitive is your company data?
- In what ways could your data be distributed and by what means?
- For sensitive data, it may make sense to seek out the assistance of a security expert to identify potential weaknesses in your data handling or to implement a tool like Intelligent ID to safeguard against data leaks.
Step 4: Come up with a solution for tracking your data and its movement across physical and electronic storage sites
- Does the data reside in only one location or is it network accessible?
- Who has access to view and/or edit and copy the data?
- Will the data leave the main office?
- Can you access the data off-site and if so, by what means?
Step 5: Ascertain and implement data privileges
- Have you limited data access and assigned appropriate access and permissions?
- Will some data be viewable but not changeable?
- Are there other files/folders that will be hidden from most users and only be viewable by a few select individuals?
Step 6: Inventory data controls currently in use
- Are machines that are on the network or contain sensitive data password protected?
- Is access limited through group policies or other network security measures like software or hardware firewalls? Are these security measures receiving regular updates?
- Are all client and server operating systems fully patched – with up-to-date anti-virus, malware, and web security protection – and regular scans run?
- Is sensitive data encrypted?
- Are backups in place, including disaster recovery tools, if the need for quick data restoration is required?
- Are portable data storage devices locked down to prevent unauthorized transfer of data?
Step 7: Implement security methods
- Be sure to evaluate costs vs. benefits
- Think through and come up with possible options for security measures that will be feasible and appropriate to implement in your organization.
Step 8: Document the Process
- Ensure that you thoroughly detail and document your data inventory, as well as the security procedures you plan to enact in your business.
Utilize this checklist to obtain an accurate and up-to-date inventory of your stored data, and make sure it is properly protected. You may find it beneficial to partner with a company like Tegoh that can ascertain your data security requirements and provide you with the best tools to make sure your data remains properly protected. They have solutions customized by industry to meet your company’s individualized needs.Tags: Backing Up Critical Data, backups, IT Infrastructure