This week is Privacy Awareness Week – a global initiative, supported by the Australian Information & Privacy Commission.
While most Australian Businesses are very aware that they need to protect sensitive data, some are still struggling to put the correct measures in place to do this effectively. But the task need not be overwhelming – and there are some key areas that make it easier.
There is so much noise in the marketplace around what products to use or what the most effective strategy is. However, businesses must first understand where their sensitive data sits to understand how best to protect it. For any business grappling with securing confidential data, visibility is key to simplifying the task. Once you have identified where all your confidential data sits, you can better undertake measures to ensure the security of that data.
Data security is the single biggest challenge business has today – here are some things to consider right now that could make that journey easier:
- 1. What data is stored on your network & how is access managed to reduce risk? Traditional security methods of “castle and moat” type edge security are becoming less relevant. Furthermore, the Zero trust model is on the rise, identity and access management is crucial to data security.
- 2. What data is sitting in your Cloud environment – do you have visibility of what data your users are storing in your Cloud environment? Do you know if it is adequately secured to meet compliance requirements? A Cloud Posture Health Check is a cost-effective, fast way to determine what you have in the cloud and if it is compliant with things like ISO, GDPR, PCI, etc.
- 3. Users remain the single largest risk to security for every single business globally – and currently account for 91% of all breaches worldwide. If you are not addressing user security, it is simply a matter of time before a breach occurs.
Some things to consider when securing users are:
- • Do you have adequate endpoint security? Traditional AV endpoints are not sufficient to guard against emerging threats, so be sure you are investing in a leading-edge solution.
- • Do you have secure web browsing in place?
- • Are your O365 and Office environments secure?
- • Are your users accessing work emails and/or network via their mobile phones? If so, what security do you have in place to protect that access?
- • How secure are your applications, such as SharePoint, Teams or Slack?
- • Are you implementing encryption to protect confidential information?
- • Are you scanning encrypted traffic and if so, how are you managing certificates?
In addition to the above, the fundamentals should always be part of your strategy – such as ensuring systems are patched and ensuring you have an effective backup solution in place.
There are so many facets to data security – and as always, a multi-layered approach is advised as the best strategy. However, talk to us today about how to simplify and consolidate your solutions to reduce costs and vendor spread.