It’s Data Privacy Week, Are You Really Secure?
January 24, 2023
The business world may be shifting its focus to the digital realm, but vigilant cybersecurity is only one aspect of data protection.
In fact, Varonis reports that while hacking and malware attacks account for many data breaches, other breaches include much simpler methods including loss or theft of physical hard drives or files, human error, insider leaks and payment card fraud.
Three ways to protect your physical data
Whether dealing with personal information or company data, there are steps you can take to properly handle, store, share and dispose of important documents and data.
Shred important or sensitive documents
Tossing paper in a recycling bin may help the environment, but it doesn’t protect you from data breaches. In addition to keeping trade and sensitive information private, there are also laws and regulations in most countries requiring business to protect certain information when it is discarded. Safeguards such as shredding help your business stay in compliance.
Sensitive information includes documents containing:
- Health records
- Banking or payroll
- Anything with a signature
Once information is shredded, there may be added steps required to comply with the necessary steps of information destruction. In these situations, using a NAID information destruction contractor can help by establishing:
- How it was destroyed
- Where it was destroyed
- Who destroyed it
- When it was destroyed
- Legal chain of custody
- Fiduciary obligations
As part of the only organization dedicated to increasing the security and ethics of the information destruction industry, NAID members are bound to a strict code of conduct and hold themselves to a higher standard.
It is a good practice to keep backups of all data, both physical and digital, at a separate location.
Secure servers and locked storage facilities can store data and other files, which can be retrieved if necessary. In the event of fire or flood, theft, accidental breach or systems crash, having backups will be a crucial part of any disaster recovery plan.
No matter if your company operates in an office or remotely, employees should be equipped with basic data privacy education, including a general understanding of how to handle the data they interact with and why it matters.
Keeping company workstations secure through firewall security, updated antivirus software and setting screens to lock after a set period of inactivity.
Physical workstation setup should also be considered for security. Desks, monitors and whiteboards should be positioned so only the people who need to access the information can easily see it to reduce “shoulder surfing” incidents and prevent unauthorized personnel from inadvertently causing a data breach.
Using a privacy filter on screens and monitors can also reduce the risk of a data breach. These easy-to-install filters go over the monitor and block the display from any viewpoint except straight on.
Weighing privacy versus convenience
Properly practicing and maintaining good privacy habits takes effort, but properly handling data privacy will save you time, money and stress in the long run.
While it may seem more convenient to circumvent the destruction process and toss a document into the nearest bin, it is not the safest option for protecting information.
This digital privacy week, consider areas where data privacy could be improved and commit to protecting your confidential company and customer data.