How to Lower Your Risk of Data and Identity Theft
At a basic level, safeguarding your data is a lot like safeguarding your home: keep the doors and windows locked and your valuables out of view from prying eyes. Your business requires a more comprehensive approach, so consider the following recordkeeping and planning steps:
- Inventory the types of data you collect, store and transmit. Depending on the sensitivity of your data, you may employ different levels of protection.
- Note how and where you store data. You might have records on personal computers, on cloud servers and even on paper forms in old fashioned file cabinets. Back up all records and store them in a safe location.
- Determine how you transmit data. If you transact sales over the Internet, you need secure servers and encryption software to protect credit card numbers. If you have employees who travel with company data on a laptop, develop ironclad rules for how laptops are handled and if there are certain types of data that should never be stored on any portable device.
- Install and continually update computer firewalls, anti-virus and anti-spyware programs, and encryption (encoding) software.
- Perform simple background checks on employees who have access to restricted information. Limit access to only trusted employees.
- Write contracts that hold third parties responsible for all response costs if information is breached while under their control.
- Evaluate the costs versus benefits of different security protocols based on the sensitivity of data you collect and the likelihood that it could be compromised.
- Shred old paper files, completely erase or physically destroy old hard drives and remove memory cards from any device before selling or discarding.