TOP 10
TIPS FOR DATA SECURITY
LGCD IT Solutions | 10 Weybosset Street, Suite 700, Providence, RI 02903 | 401-421-4800 | 401-421-0643 fax | www.lgcd.com
1 IDENTIFY AND DOCUMENT YOUR SENSITIVE DATA
How and where does sensitive information come in and out of your Company? Where is the sensitive data located? Who can access these locations? Once you have documented the answers to these questions, you can begin the process of putting the proper technical and administrative safeguards in place.
2 BE AWARE OF REGULATIONS THAT APPLY TO YOUR DATA
Regulations, both state and federal, are increasing every year. Your industry may also have published recommended standards for data security. Understanding how and where you do business, and the regulations that may apply, should be a key component in every company’s annual risk assessment. Not knowing which regulations apply to your Company can be a significant risk in and of itself, especially when it comes to the potential financial and reputational impacts of non-compliance if a breach occurs.
3 BE SMART WHEN USING FREE WI-FI
Avoid using public Wi-Fi hot spots if at all possible, as they are typically easy to hack, which can potentially expose all of your Internet traffic to a cyber-criminal.
4 SECURE YOUR MOBILE DEVICE
Use a password on your mobile device because, if it is stolen, the process of trying to break the password may allow you time to locate the device or remotely wipe it before your data is accessed. Also, since phones and tablets are not immune to malware, install an antivirus application on your device.
5 ENCRYPT YOUR DATA
Encryption is one of the best defenses against cyber crime, to the point where several jurisdictions consider encrypted data a “safe harbor” so that the loss of your device won’t be considered a data breach requiring notification. Be sure to encrypt your laptops as well as any mobile or portable devices (e.g. external hard drives, tablets, etc.) that contain sensitive data.
6 BEWARE OF SPEAR PHISHING ATTACKS
Be wary of suspicious email: there is a chance that the email may be a spear phishing attack, and you are being deceived into voluntarily compromising information. Be cautious when you receive an unexpected email asking you to open an attachment, provide sensitive information, or visit a website.
7 EDUCATE YOUR USERS ON THE IMPORTANCE OF DATA SECURITY
The best policies and safeguards in the world won’t really matter if end users don’t understand the importance of security, so turn your users into your Company’s most important defense against attacks by making sure they receive the necessary training.
8 UTILIZE GOOD PASSWORD STRATEGIES
Choose long and complex passwords for your computer and change them periodically throughout the year. Don’t use the same password on all of your financial websites, because if your password on one site were to become compromised, all of your sites could then be accessed.
9 BE PREPARED: IT IS NOT A MATTER OF IF… IT IS A MATTER OF WHEN
Have a comprehensive disaster recovery plan in place and be sure to test it at least once a year. And since the costs of cybercrime and data breaches can be extremely high, be sure your Company evaluates the benefits of having cyber insurance.
10 TEST YOUR BACKUPS
You may think you’re backing your data up, but have you tested to see if the backup can be restored? Taking the time to do a periodic viability test on your backups can help you avoid being unable to restore your data in the event of a real disaster.
Michael Camacho, CPA, CIA: [email protected] Kevin Ricci, CISA, CRISC, MCSE: [email protected]
We hope you enjoyed today’s discussion and leave with a better understanding of the risks associated with data privacy and security and some strategies to protect your Company.
Today’s discussion only scratched the surface of the risks that can impact your Company. A common misconception is that using a third-party IT administrator or having an accountant review or audit your Company on an annual basis means your Company is secure. This is not the case: neither of these services is designed to evaluate your system security.
Should you like to have a more in-depth discussion on how certain risks or regulations impact your Company, or would like to discuss a formal systems assessment, please contact Michael Camacho or Kevin Ricci by email or by phone at 401.421.4800 for more information.