5 Essential Data Security Best Practices

data security enforcement

The growing importance of business data has significantly increased its value, which has led to an increase in its theft. Just as every company must protect its employees and equipment, it must also have a policy for data security.

Based on a report issued by the Identity Theft Resource Center, there were 1,862 data breaches in 2021, a 68% increase of the 1,108 data breaches recorded in 2020. The previous record was 1,506 breaches that occurred in 2017 (source). Given this trend, it is reasonable to assume that this year’s figure will continue to increase.

How strong is Your Data Security Policy?

Here are a few suggestions on how to best think about and evaluate the security of data, as five suggested best practices.

  1. Secure Data at Rest – This is the data that is stored on hard drives on your network as well as the data that employees store on laptops, smartphones, or other computers. Ideally, full-disk encryption should be used on every computer within an organization. Encrypting hard drives will help avoid the loss of critical information even if there is a breach or if computers or hard drives go missing. Encryption technologies are available either as hardware-based or software-based.
  2. Secure Data in Motion – Data that is in transit occurs when digital information is transported between locations. One example might be when data is extracted from paper documents. This data should also be encrypted. Here, the threat is that this data could be intercepted, stolen, or leaked as it is being transferred from one location to another. There are several ways this data can be encrypted, ranging from asymmetric encryption to SSL to HTTPS. Learn more about these and other security encryption technologies here.
  3. Secure Data in Use – This type of data is much harder to encrypt given that it is currently being updated, processed, erased, accessed, or read by a system or process. For this reason, a data security best practice is to focus on access control. This includes tracking and reporting data access to detect suspicious activity and potential threats. Endpoint security management is another good strategy. Establish policies on what devices are allowed to connect to your network. Validate user credentials and scan devices to make sure they comply with your defined corporate security policies before allowing access to your network. Learn more about this security strategy here.
  4. Adopt Two Factor Authentication (2FA) – This is a practice based on the concept of adding a layer of verification that each user is who they say they are. A username and password are the first “factor” necessary for network access. Then, the user must present an additional “key” or proof point that they are the person they claim to be. Today, there are many free authentication programs, including those provided by Microsoft. When you log in to your financial institution, you might be texted a code that is required before logging in – this is an example of 2FA. This type of security is highly effective to stop malware attacks, protect against future ransomware attacks or unauthorized access, and ensure that employees who no longer work for the company don’t retain any login credentials that might not have been monitored sufficiently.
  5. Regularly Backup Your Data – While this might not intuitively appear to be a data security best practice, it really should be thought of as part of your data security audit. Should you experience a data loss or breach, the first step you will need to perform is to assess what has possibly been taken or compromised. And, if data is missing, then you will need to quickly gain access to this information before a business disruption occurs. Those experiencing a ransomware attack have little to fear if a duplicate of their data sits securely on an offsite server. Similarly, the potential loss of productivity from an errant activity, hard drive failure, or possible virus attack should be enough to take this best practice seriously. And don’t forget to try and extract your backed-up data regularly. If you find out your process isn’t working, don’t let that compound the stress of experiencing a data breach.

In addition to the possible business interruption that a data loss might trigger, those with Personally Identifiable Information about customers, employees, or partners may be subject to providing notification about this loss. This can be a difficult process to go through, with the potential for brand degradation and customer mistrust that happens thereafter.

The above five steps are just the start of a strong data security strategy. With the estimated 200 Zettabytes of data expected to be stored globally by 2025 – and half of that figure in the cloud – there will be no shortage of targets for data theft (source).

The growing use of Artificial Intelligence (AI) is directly related to having access to clean data, thereby significantly increasing its value every year. Your best data security strategy is to proactively address this threat to continue to leverage the enormous value this data can deliver to your business to achieve the highest performance and profitability.

Read how to achieve a strong return on investment from AI in this article, How to Best Leverage an AI Investment.