Page 4 - index
P. 4
Four simple steps companies can take to protect their data
It is a requirement by law that all companies in the UK protect any data held and
processed in regards to clients, employees or suppliers, but what are the best ways to do
this?
When a company collects data from employees, customers and suppliers there are certain
guidelines that must be followed, which include the following:
• Only collect information that you need for a specific purpose
• Keep it secure
• Ensure it is relevant and up to date
• Only hold as much as you need, and only for as long as you need it
• Allow the subject of the information to see it on request
These guidelines are simple in essence, but they can be difficult to implement if a company
doesn’t properly know how to protect the data it collects – a common problem for SMEs.
Effective data security requires the hiring of employees who are experts in data storage, the
purchase of servers to host the data, and many other systems which have to be implemented
effectively and managed properly. On paper, this sounds simple, but in reality, even large
companies can get this wrong.
These issues are further compounded when discussing data protection in the cloud. The cloud
can be a confusing topic, but in reality, it’s actually quite simple, and may be a way for many
businesses to effectively keep data safe and secure. In most cloud based data storage
solutions, the data is stored offsite, on an external server. These servers are then managed by
data and security experts.
The cloud and data
The cloud is being adopted by an ever increasing amount of businesses worldwide so that they
can manage and share data more easily and effectively. For example, with the cloud, a
company with an office based in New York and another in Shanghai can access the same data
without it needed to be store on two physical servers. A system like this not only saves server
space, it saves money and time.
These advantages can sometimes have drawbacks however: if data belonging to global
companies can be stored in one physical location, then any successful security threat or hack
will result in access to a lot of sensitive data – maybe much more than attack on a localised
internal server.
The answer to this is to store certain types of data in different locations, however there needs to
be education on how everyone in the company can store data properly to help protect it more
effectively.
4 Cyber Warnings E-Magazine – July 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
