Share:

Surprising Ways to Improve Business Data Security

Today’s business environment presents substantial threats and risks— Here are 5 ways your organization can better protect its systems and data.

Over the course of nearly two decades, the Internet has spawned remarkable advances in business and leveled the playing field for mid-size and middle market manufacturing companies. 

Key Takeaways
  • Remarkable advances in digital technologies have heightened the need for companies to improve business data security and protect its systems.

  • It’s critical to take a holistic view of business data in systematically assessing risks and prioritizing security investments.

But there’s also a downside to being connected. Today’s business environment presents substantial threats and risks—some of which can permanently damage a business. Getting a handle on business data security has never been more important. Here are 5 ways your organization can better protect its systems and data. 

Understand the nature of today’s threats.

“The threat profile has changed completely over the past ten years,” states Jonathan Gossels, president of SystemExperts Corporation, a Sadbury, Massachusetts security consultancy. “In the past, hackers publicly demonstrated their prowess with flashy takedowns. Nowadays, with organized crime and hostile foreign governments in the picture, subtlety and persistence are the goals.” This translates to intrusions but also social engineering techniques that dupe employees into clicking a bad link and a system becoming infected by malware. “The hacker extracts some economic or strategic advantage over a long time period,” he says.

DataSecurity

Look beyond specific business data security threats and adopt a comprehensive risk-management framework.

Until recently, data resided primarily on servers located within the enterprise. Today, data exists on laptops, iPads, iPhones, USB sticks, cloud environments as well as systems run by business partners and third parties. “You can’t manage what you don’t understand,” Gossels points out. He suggests systematically assessing risks and prioritizing security investments. It’s critical to take a holistic view of data—including where it resides, how it travels across the network, what applications use it and where it is backed up and stored. A comprehensive security framework, such as ISO 27702, can pay dividends. It encompasses 135 best practices in areas as diverse as access control, physical security, human resources controls and classifying the value of data.

The risks of data loss and theft continue to grow as mobile tools, cloud computing and social media go mainstream.
Think about security proactively rather than reactively.

Typically, a number of key security components exist. These include: authentication, encryption, firewall protection, endpoint security, web filtering and data loss prevention (DLP). But one of the mistakes that companies make is assembling an unmanageable collection of best of class tools rather than an integrated product suite, Gossels notes. Unfortunately, organizations that take this tact often find too many things falling through the digital cracks.

Recognize that your chief security officer (CSO) or chief information security officer (CISO) can’t keep up.

As new and bigger threats have emerged and IT frameworks have become infinitely more complex, security executives have increasingly found themselves unable to keep up. As a result, a growing number of organizations are establishing a more specialized position—typically chief risk officer (CRO) or chief information risk officer (CIRO)—to address intertwined governance and security issues in a more comprehensive, integrated and focused manner.

Think unconventionally.

The risks of data loss and theft continue to grow as mobile tools, cloud computing and social media go mainstream. Organizations must constantly reevaluate polices and redefine the concept of protection. For example, mobile device management (MDM) allows IT to control what’s stored on a device and wipe it, if it’s lost or stolen. Some companies are also turning to a big data approach to security to better identify unusual patterns and suspicious events.

Samuel Greengard is an award-winning business and technology writer whose articles have appears in AARP: The Magazine, American Way, Discover, EdTech, Industry Week, Workforce Management, Wired, and many other publications.