Securing data on the move is a prime concern for many businesses.
What if an employee takes customer data home to work on?
Small storage devices like USB drives or HDDs can be easily lost or stolen – globally more than 2 million are lost each year and studies have shown that over half of dropped USB sticks get plugged in.
This leaves your organisation at risk of non-compliance with GDPR.
One easy step to reduce this risk is to use encrypted devices.
Encrypting involved scrambling the data in such a way that only someone with the correct code or key can read it.
GDPR will make data protection law identical throughout the single European market from 25 May 2018.
It gives businesses a simpler and clearer legal environment in which to operate and people more say in what companies can do with their data.
There are also tougher fines for companies that do not comply. Organizations can be fined up to 4% of annual global turnover or €20 Million.
All of this makes it more important than ever to ensure that your critical and sensitive information is protected properly.
Viruses: By attaching themselves to files and infecting other files, they can spread uncontrollably, damaging a system’s core functionality and deleting or corrupting files.
Rootkits: These do not contain damaging software – they are a masking technique used to conceal malware, so it goes unnoticed by antivirus detection and removal programs.
Spyware: It hides in the background and spies on users, taking notes on their online activity, including passwords, credit card numbers, surfing habits and more.
Trojans: They disguise themselves as legitimate software. Users download them thinking they are useful pieces of software, instead they end up with an infected computer.
Worms: This is a self-replicating programme intending to spread malicious code. Using network interfaces, they can infect entire networks, either local or across the Internet. They then use infected machines to infect others.
Ransomware is a type of malware with the ability to silently encrypt your files, before demanding an online ransom payment in exchange for a decrypt key.
It can be installed into systems through a malicious email attachment, an infected software download or by visiting a malicious website or link.
When a system is infected the ransomware works in the background, connecting to a remote server, to encrypt single files, whole directories of files, or complete drives.
Regular back-ups protect against both accidental or malicious data loss – anything from hardware faults and viruses to human error or theft – as they can be used to restore original data files.
Choosing the right media and back-up procedure depends on many elements:
In addition to your primary data, you should also have at least two more backups, which will help significantly reduce the risk of losing data. These could be physical and / or cloud solutions.
It is best practice to keep copies of your data on at least two different storage types, such as internal hard disk drives AND removable storage media (tapes, external hard drives, USB drives, SD-cards, CDs, DVDs.)
It’s obvious really, but it’s not a good idea to keep your external storage device in the same room as your production storage. If there is a fire, flood or burglary – you would lose all of your data.
To be completely protected, a user or organisation needs to have data backed up and archived offline.
Any device that is attached to an attacked system or network is vulnerable.
If your back up HDD is plugged into your laptop when a piece of ransomware software is installed it will also be encrypted.
Having most important data archived to optical media can eliminate this risk.