Quick Information Security Assessment
Answer Five Questions to Rate Your Company’s Data Risk
If your office is damaged by fire, will you be able to set up emergency operations elsewhere and continue managing your business?
If an employee or contractor erases key company data, will you be able to retrieve it?
If malware infects your network, can you delete the infected software and start operating again with a clean data set?
If hackers access your IT systems and steal or modify data, do you have a reliable data set that you know has not been compromised?
If one of your servers fails and its data is lost, can you switch to backup data quickly and reliably.
If you answered, “Yes” to all five questions, your data risk is low, but if you answered, “No” to two or more questions, your company may be exposed to data loss and a loss of business due to impaired operations.
The five questions highlight your risk when exposed to the following five situations your company may experience.
Unauthorized Access: Several large companies have recently reported leaks of personal data from their servers due to hackers accessing and stealing user names, passwords and credit card data. When your data is stored remotely, in the cloud or on a remote backup site, your data risk is reduced as long as your remote site is secure. Companies offering such remote storage are focused on security and reliability and often have more resources dedicated to access control than your own company.
Disaster Recovery: When fire or other disasters hit your office, you have to assume that paper files are damaged and you may not have access to the hardware located at that office. Complete off-site backup systems with paperless records, possibly in the cloud, help reduce the effects of disaster and allow your company to start operations with new hardware, using the back-up data.
Loss or Corruption of Data: Workers within your organization with authorized access to data may inadvertently erase or overwrite data or files. Disgruntled employees or contractors may delete data on purpose. A backup system that allows you to identify missing files and restore them helps you reduce the risk of data loss due to internal mistakes.
Malware Infections: Even with the best antivirus and security software, user mistakes and new exploits can result in your IT systems becoming infected. IT professionals can usually identify the malware, but they may need to delete infected software or erase entire hard drives. A secure backup copy of your data can reduce the risk of data loss due to malware infections.
Hardware Failure: When one of your servers fails, you may lose the data it was carrying. While you can implement local solutions with backup servers and mirrored data, a cloud-based solution allows you to outsource this function to specialists. You can focus on your business and rely on continuous accessibility to your data, even when cloud hardware experiences problems. The key is to identify and evaluate cloud partners that have the required expertise and experience.
Data risk is a normal characteristic of operating a business, but if you can identify the sources of greatest risk for your organization, you can take steps to increase data security. New backup technologies and cloud access can help you reduce risk and increase operational reliability. Ask Us - We love to talk "tech"!
Brief BIO: Steve has a Master's Degree in Information Sciences | Cyber security and Assurance from the College of Information Sciences and Technology at Pennsylvania State University. In addition, he maintains certifications related to Microsoft systems / network management; CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager) and CISA (Certified Information Systems Auditor). Steve is also a certified Lead Implementer for the ISO/IEC 27001 Information Security framework and Lead Risk Manager for ISO/IEC 27005.