You Can Prevent Data Security Breaches!
The recent data breaches at Yahoo made big headlines and have caused a serious dent in the the company’s reputation. The first major data breach resulted in user account information of more than 500 million users being compromised and the second breach reportedly affected more than 1 billion users. Data security experts believe that the breach affected personal user information. So what exactly is a data breach?
A data breach is an incident in which data that is confidential or sensitive in nature falls into the hands of unauthorized people who could then use it for potentially damaging purposes. It is believed that depending on the sensitivity of the data being compromised, a data breach could cost an organization as much as $6 million or approximately $200 per record being compromised. Data security experts say that with the right measures organizations can prevent data security breaches.
Data Security Policy
The first step for any organization is to have a data security policy in place. This should include a security classification of the different types of data within an organization and how each classification is to be safeguarded. Make sure the policy covers how data is to be shared with external vendors that could be your partners.
Educate Employees
Threats to data could come from both external and internal sources. Hence you must train you employees and make sure they understand how to handle and protect sensitive data. Your security policy should be designed to ensure employees follow the rules. For eg: many organizations do not allow pen drives on their laptops as a data security measure.
Incident Response Plan
Make sure you have an incident response plan in case a data breach does occur. The plan should include who should be informed in case of a breach and what actions are to be taken. Depending on the kind of breach, this might need the inclusion of legal teams as well.
Conduct Risk Assessment
Conduct regular risk assessment exercises within the organization. Make sure your data classification is up to date. Data access must be granted only on an as needed basis. Also do not capture and store any data that you don’t really need. Also make sure data backups are just as secure. Identify any new risks that may not have been part of your original risk management plan. The plan should be always kept up to date.
Follow Security Best Practices
This includes encrypting data where appropriate. Keep security patches on all your systems up to date. Use firewalls to keep unauthorized users out of your network. Use security scanning software on your systems. You may need to have a separate team that only focuses on keeping your organization safe from online criminals and ensure data security.



















