What do Adidas, Delta Airlines and Best Buy have in common?
Business-wise, not much. Security-wise, they're in the same pit. If you've made a purchase from any of these 3 businesses in the past year, your data might have been stolen.
Since January 2017, at least 16 major security breaches have occurred, many of them caused by flaws in payment systems and password mismanagement, both online and in stores.
Want to make sure your business doesn’t suffer the same fate? Here are the top tips and best practices to keep your company data, and more importantly, the data of your customers, safe and protected.
Routine Software Updates & Patch Management
This is the most basic and obvious step in ensuring security across a business or enterprise, but it bears repeating due to the high stakes.
It is essential that you keep your software and operating systems up to date. Many security breaches could be prevented by a timely software update.
Premium Antivirus Software
Make sure that all of your devices have adequate and regularly updated antivirus software to prevent them from becoming infected by viruses.
A lot of viruses have the ability to corrupt or even destroy data, which is something you definitely want to avoid.
There are a lot of options to choose from, but the needs of your company should dictate which antivirus you opt for.
Data Classification Program
Implement a data classification program that focuses on customer, financial, and intellectual property information, with designated owners of the information.
Data protection categories should include “confidential”, “internal use”, and “public”, and it is important to put the appropriate controls in place to protect this information.
For example, “public” data should be reviewed to ensure that sensitive information, such as future product plans, is not released outside the company.
Respect New GDPR Rules
Even if your business isn’t based in the EU, the new General Data Protection Regulation (GDPR) rules are something every business needs to consider.
If you have customers in Europe, this new regulation will affect how you collect consumer data, and what protections must be in place to minimize the risk of a security breach.
Failure to comply can lead to penalties, even if no member of your company has ever set foot on European soil.
These regulations went into effect at the start of 2018, so if you haven’t already audited your security to make sure you’re in compliance, there’s no time to waste.
Proper Password Management
If these recent breaches have proven anything, it’s that businesses really should improve their password strategies.
A few general rules of thumb agreed on by the majority of security experts:
The strongest passwords are 16 characters or more and include lower and upper-case letters as well as special characters and numbers.
The password should not include anything related to you, such as names of pets or your birthday; it's a good idea to try to use phrases instead of words.
Use different passwords for different accounts.
And, whatever you do, don't write your password down on a Post-it note and stick it on your computer. Instead, let a good password manager handle that for you.
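
As an added example (not part of the original article), the password rules above can be enforced automatically. The Python below reports which of those rules a password breaks and groups accounts that share a password; the function names, the three-character minimum for personal terms and all sample values are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

MIN_LENGTH = 16  # the article's "16 characters or more"


def check_password(password, personal_terms=()):
    """Return the list of rules from the article that `password` breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 16 characters")
    classes = {
        "lower-case letter": any(c.islower() for c in password),
        "upper-case letter": any(c.isupper() for c in password),
        "number": any(c.isdigit() for c in password),
        "special character": any(not c.isalnum() for c in password),
    }
    problems += [f"no {name}" for name, ok in classes.items() if not ok]
    # Personal details: compare case-insensitively and ignore separators, so
    # "Rex" matches "rex" and a birthday "1984-03-07" matches "19840307".
    squashed = "".join(c for c in password.lower() if c.isalnum())
    for term in personal_terms:
        needle = "".join(c for c in term.lower() if c.isalnum())
        # Assumption: terms under 3 characters are skipped to avoid noise.
        if len(needle) >= 3 and needle in squashed:
            problems.append(f"contains personal detail {term!r}")
    return problems


def reused_passwords(accounts):
    """Group account names that share a password (input: {account: password})."""
    by_digest = defaultdict(list)
    for account, password in accounts.items():
        # Digest is for in-memory grouping only, so the report never carries
        # the password itself. It is not a way to store passwords.
        digest = hashlib.sha256(password.encode("utf-8")).hexdigest()
        by_digest[digest].append(account)
    return [sorted(names) for names in by_digest.values() if len(names) > 1]


if __name__ == "__main__":
    # Constructed sample data, not taken from any real account.
    personal = ["Rex", "1984-03-07"]
    for pw in ["Rex19840307!", "correct-Horse-battery-7-staple"]:
        print(repr(pw), "->", check_password(pw, personal) or "ok")
    print(reused_passwords({"mail": "a", "bank": "b", "shop": "a"}))
```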