In 2021, failing to invest in robust data security is like designing an ocean liner without lifeboats.
The risk of serious data breaches and ransomware attacks are like icebergs. Make a mistake and the chances of staying afloat are slim.
In fact, the average cost of an enterprise data breach is now £1.04 million – proof that there is still no reward for cutting corners.
But don’t panic. With these seven data security best practices, you can remain unsinkable even during the unthinkable.
Data security best practice #1: Move to multi-factor authentication
You can no longer rely on a simple passcode to stop your data from falling into the wrong hands. If you’re already using a platform such as Microsoft 365, switching on multi-factor authentication will keep your systems secure even if someone compromises an employee’s credentials.
To really give you a warm fuzzy feeling, extend multi-factor into Conditional Access, which will not only provide a robust multi-factor installation but an enforcement regime which won’t cause your users too many upsets.
Data security best practice #2: Mitigate against in-mail malware
For 67 percent of business, phishing attacks were the single most disruptive breach in 2020. Automatically blocking suspicious content from business emails reduces the risk of malware entering your systems (even when employees are a little trigger happy).
Data security best practice #3: Reduce the risk of ransomware
Around 44 percent of retailers were hit by a ransomware attack in 2020, with a third of their data rendered completely inaccessible. To prevent your business from suffering a similar fate, introduce company-wide anti-malware policies to prevent access to riskier file types.
Utilising the redundancy and retention properties in your productivity platform will also ease the recovery if the unthinkable happens.
Data security best practice #4: Encourage encryption
Much to the annoyance of the IT department, employee mistakes still cause 24 percent of email data breaches. While internal policies remain an important first line of defence against potential data leaks, encrypting these messages reduces the risk of human error. Set rules to encrypt emails to specific recipients, create rights management templates and apply ‘do not forward’ measures for all confidential material.
Data security best practice #5: Embrace employee education
Although it’s now possible to mitigate many threats automatically, there is still no substitute for tailored employee training. Teach your staff how to spot suspicious links, how to safely store information in the cloud and how to properly protect devices when outside the office.
Data security best practice #6: Back-up your best bits
There’s a reason movie stars have stunt doubles. Duplicating business-critical data means you’ll always build redundancy into your system and provides a failsafe when servers go offline. Back up to the cloud and keep your business running even when data is corrupted or held to ransom.
Data security best practice #7: Privileges for the few
More home workers means more people accessing business data online (and potentially from devices you haven’t screened). Make use of access management features to give users time-bound privileges for specific programmes and tasks.
Secure your data, unlock your potential
‘Safety in numbers’ is a flawed maxim and obscurity is no defence. No matter the size or the stature of your organisation, you’re never immune to attacks or breaches.
As remote and hybrid working becomes the ‘new normal’, building these data security best practices into the fabric of your business will prevent you from losing momentum even when you do steer into choppier waters. Register here to find out if you're eligible for one or more of the six funded Microsoft Security workshops Akari can deliver at no cost!
