This year, we’ve written about what the future holds in terms digital transformations and new and exciting technologies. We’ve also addressed what key executives, especially CISOs, should be thinking about as data moves and is accessed across their organizations. Now, we turn our attention to best practices for data security.
It’s no secret how pervasive cyberattacks have become. In our recently launched 2019 Thales Data Threat Report- Global Edition, 60% of organizations say they have been breached at some point in their history, with 30% experiencing a breach within the past year alone. While we have an appreciation for the risks enterprises face overall, security concerns are crucial for all. As events such as Safer Internet Day (that occurred earlier this week) are meant to promote, more awareness is needed for better, more secure internet practices for everyone, including young users.
With this in mind, it’s important to remember – whether you are part of a large enterprise organization or an individual with an online presence – that the first line of cyber defense begins with you. Vigilance and good security hygiene are a must today.
But what does vigilance look like? Here are three best practices we’d recommend:
- Err on the side of caution. Before you download, send or receive information – ask yourself a few quick and simple questions:
- Who asked for it?
- What did they ask for
- How did they want you to send it?
- Do you recognize the URL or email address? (if it’s email, also be sure to check the actual email address – even if it looks legitimate, it’s worth checking it’s an authentic address)
- If something doesn’t seem right – it’s probably not. (This may seem rudimentary in nature, but you would be surprised how much this still happens today)
- If it’s encrypted, it should stay that way. It always amazes me when employees devise the most elaborate workaround plans in the name of productivity. Not only is this not necessary, these workaround plans expose data putting it in danger of being compromised and your organization in jeopardy of being out of compliance.
- If it’s not encrypted – maybe it should be. Be over zealous – it might not be your privacy at risk but it could be someone else’s. Exposure – even if accidental or inadvertent will open you up to potential liability.
You are the first line of defense, take it seriously and be on guard. In the end it will save you and your organization time, money and reputation.