Video Transcript

A lot of businesses think data breaches are only caused by malicious international hackers with sophisticated equipment. The truth is, some of the most serious threats to your company data can be within your own office walls. In this video, we look at 5 simple ways you can prevent data breaches in your business today.

The first way to protect company data is ensure hard copy documents are contained. You may be surprised by how many employees leave confidential documents at the office printer or unattended at their desk, making them vulnerable to theft. Potentially sensitive hard copy documents should be secured in filing cabinets, which are inaccessible to visitors, service staff, and freelancers. It’s important that businesses educate their employees on the potential risks of holding hard copy documents, and train them on clean desk policies.

The second thing to consider when protecting company data is to control removable media. USB sticks, hard drives, digital cameras, and smartphones can all contain potentially sensitive company information. Removable technology has the ability to store and transfer large amount of data, usually with minimal detection. These devices do not arouse suspicion, as most people have them, but can be highly dangerous to data security and can carry viruses and malware. They are also small and easily stolen or lost. Again, companies need to educate their employees on removable media policies, like encryption, two-step verification, passwords and controls on using foreign devices.

The third essential security measure your business can take today is to have all staff, technicians, cleaners, and maintenance personnel sign confidentiality agreements from day one. This protects your business from potential liability and security breaches involving current or past staff members.

Your business should also ensure all staff can recognise data risks as they appear, which is the fourth security measure you can take today. Some of your employees may not be technologically savvy, or have had minimal exposure to scammers and phishers. Recognising these threats is essential in proactive protection of company data. Phishers imitate companies that your staff frequently conduct business with, and try to obtain information through a variety of channels. Security training is the best way to ensure employees are able to identify threats like these and respond accordingly.

The fifth way your business should be protecting its data is implementing an information security management system. An information security management system compliant with ISO 27001 will provide a roadmap for data protection that will safeguard your company from costly data loss.

At Compliance Council, our information security consultants assist businesses like yours in achieving certification to ISO 27001. To learn more about the data security threats facing all Australian businesses, download your copy of our free information security whitepaper.