im体育网页版官网|im体育官网在线线

In this day and age, data breaches may easily occur, especially for companies which rely on online clouds for data storage. Almost every company, from small to large scale enterprises, can suffer from a data breach. Having a secured data system should be a priority.

What are the biggest mistakes companies make with regards to data security? Here are some useful data security tips, from industry experts, that apply to companies doing business online.

Forgetting That Security Is Also a Business Goal

CEO of K logix, Kevin West, explains that when companies don’t align security with their business goals, this becomes a significant problem and may cause a data breach.

When making a decision, the security team should always think of the bigger picture. What is the overall impact of this in achieving business goals and revenue? Failure to recognize this may cause additional operational expenses and an ineffective data security program.

Focusing on Critical Servers and Ignoring Other Hosts

Security QA Engineer at Ciklum , Artem Metla, says ignoring other hosts and just concentrate on critical servers is another big mistake companies make with data security. These other hosts include testing facilities, end-users computers, and more.

Remember, hosts in your network are all connected and managed under an administrator. Once the hacker effectively penetrates any of these hosts, the administrator’s data is just as vulnerable. For example, in one user’s PC, a hacker can get the user’s credentials, which can open some Administrator’s permissions. Vulnerabilities can be found in any component, not just the critical servers.

Ignoring Where the Data Is Hosted

Co-Founder and CEO of HighQ, Ajay Patel, says the biggest mistake any company can make is neglecting where data is hosted. Data hosting, according to Patel, should be one of the biggest concerns of companies, especially in the law and finance industries.

Once your company ventures into the cloud, you need to be cautious about which cloud provider you are entrusting your data with. Remember those cloud providers based in the United States are subject to American laws.

It is best to check with your prospect cloud provider where they host their data. They should be able to offer you a range of choices and the laws of each area. They should tell you the best place to store your companies’ precious data.

Using Apps for Check-out Process

Guido Laures, CEO of Spreadshirt, says the biggest mistake companies make with data security is neglecting to build their security features and merely relying on apps when it comes to check-out processes.

Building security features like Content Security Policy should be a priority, instead of using apps. Companies should also include external scripts to protect their data. Another solution is to use https:// to avoid breaches in non-secure areas. This will help you gain confidence from your customers who want to have a fast and secure shopping experience.

Failure to Maintain an Information Security Plan

According to Casey Fleming, CEO of BLACKOPS Partners Corporation, one of the biggest mistakes is not having an information security plan and not classifying data as trade secrets.

Here are a few tips from Casey:

Data security is not just an IT problem; it’s a business problem
Having an Information Security Plan is crucial
Understand the threats a data breach poses, not only to your data but to your employees
Insider Threat is also as significant as an outside attacker
Data security is a 3D ecosystem
Companies should prefer a data-centric strategy than a perimeter protection strategy
Do not simply rely on cyber products such as anti-virus software
Classify your data as trade secrets
Train your employees in data security
Obtaining intelligence reports shapes and strengthens data security strategy

Non-Inspection of Encryption Made by Third-Party Vendors

CEO & Co-Founder of SafeLogic, Ray Potter, says the biggest mistake companies make with data security is a failure to vet the encryption used by vendors. The encryption needs to be tested and validated to a particular standard or benchmark, so it’s equal to plain text. It’s risky if not tested from a reputable laboratory.

Not Teaching Employees How to Make Better and Safer Decisions

CEO of Wombat Security Technologies, Joe Ferrara, says your employees are your greatest assets. Failure to inform your employees of data security safety measures can be critical. Apart from that, he also listed a few common mistakes:

Sensitive data must not be taken home using work computers
Using the same password for all accounts
Sending unencrypted emails
Using unencrypted data on mobile phones
Sharing passwords with other people
The security team is not sharing the data security policies with employers.

Even when they’re outside the office, they need to be instructed to protect their data. Companies should hold Security Awareness Training sessions and recognize employees with the best behavior.

Fazreen Razeek

Fazreen Razeek from Grafdom has served the digital industry for over 5 years. He collaborates and works alongside agencies, event organizers, and suppliers to develop and execute their marketing strategies. He is extremely passionate about education technology and also writes for various local and international publications. A graduate with High Distinction from the Edith Cowan University, Perth, Australia, Fazreen holds a Bachelor’s Degree with a double major in Marketing & Management.