If you’re a frequent flyer, your credit card may have been compromised in a security breach in the fall of 2017.
On Sept. 26, 2017, hackers gained access to sensitive data from inside the networks of both Delta Air and Sears, effectively putting hundreds of thousands of customers’ credit card information at risk.
While these types of attacks can sometimes be unavoidable, proper storage security could have prevented this attack.
What Is Storage Security?
Storage security is the implementation of controls, both physical and technical, to protect the stored data.
In order for a storage security system to be viable, it must meet two requirements.
First, the system must be able to protect against any unauthorized access from those wishing to steal or destroy the data held within it.
Second, the system must also be able to easily provide that information to authorized users.
Those who oversee the storage of a company’s data are forever locked in a battle between making the data available for anyone who needs access to it and fighting to keep that data out of the wrong hands at the same time.
What steps should storage administrators take to keep your company’s sensitive data protected against those that would seek to do nefarious things with it?
More importantly, what areas of your data storage system could make you vulnerable to a data breach?
Data Storage Security Vulnerabilities
Like most technology, storage systems come with risks.
Several storage system vulnerabilities include the following areas.
No Encryption Software
With the exception of some higher-end brands, most storage systems on the market currently don’t include encryption software. This means that the storage admin must install additional software in order to make sure that the data is encrypted properly. Admins must know whether the storage system comes with encryption software and address what happens if it doesn’t.
Deleted Data Recovery
Hackers have the ability to recover data once thought to be deleted. Implementing a proper data destruction procedure ensures data cannot be recovered once it is deleted from the network.
No Physical Security
It’s easy to get wrapped up in the virtual aspects of our data security that we often overlook the possibility that our data is at just as much risk physically as it is virtually.
Physical protection procedures should address:
- Password protection.
- Not leaving mobile devices unattended.
- Using tracking software to recover lost or stolen devices.
- Always backing up your files.
Being proactive should reduce the risk for a disgruntled employee, for example, accessing sensitive information.
Distracting Your Administrator
Bogging your storage administrator down with security policies that aren’t directly related to the management and protection of data can distract them from their goals of implementing and enforcing storage security protocols. Instead, minimize these organizational policy asks and non-storage related security requests. Let your storage admin can focus on implementing and managing the technologies necessary to protect your network’s storage systems.
Getting Started With Storage Security
With your company’s data storage vulnerabilities addressed, what practices can your storage administrator put into place today to ensure that your data is both protected and readily available?
Stay one step ahead of a cyberattack with these data security tips:
Encryption software is often the first line of defense against an outsider that seeks access to your sensitive data.
All data should be encrypted while within the storage system, and while in transit between the storage system and an authorized user.
Position-based access regulation is a practice that most companies employ to make sure that the correct people have access to only the information that they need and no more.
This is typically accomplished with the help of admin-regulated multi-factor authentication as a barrier between the employee and the data to ensure that the information is both secure and accessible to those who are authorized to view it.
Secure Your Network
In addition to the protection of your storage system, you should surround your information with a strong network defense in order to maintain optimal data security.
Effective Recovery Procedures
In the event of a data breach or malware attack, it is important that your sensitive information is backed up to a secure location. This is important not only to restore data lost in a ransomware attack, but also to restore all sensitive information in the event of a disaster.
Having a secure location to back all important data up into is important in defending and maintaining good data security practices.
While there are many other useful tips in safeguarding sensitive data, these few are a good starting point that any storage administrator can use to help them create a safe environment for their data.
It’s more important than ever to practice good storage security. If you or someone you know is concerned about the state of their storage security, contact Integrity today.