8 things businesses need to do to keep data safe
By Carmen Vicelich, Data Insight CEO
Background: The ‘WannaCry’ Cyber Attack of 2017
This week’s global cyberattack on hundreds of thousands of businesses is yet another reminder of the importance of business data security. The ‘ransomware’ reportedly locked up computers, largely in Asia, in hospitals, factories, government agencies, banks and other businesses across the world. Thankfully, it seems New Zealand was relatively spared – but this latest attack further amplifies the importance of keeping data safe .
There’s no doubting data is the new oil of the 21st century and the key to delivering true customer centricity to compete with global brands.
In the last few years, the data industry has really taken off and there’s been a real race to collect more, enabled through cloud, in order to do more. New technology is evolving and there’s a real hustle going on to hire chief data officers, data scientists, building analytics capability and becoming ‘data-driven’. It’s a key topic I regularly get asked to speak on and there’s a real art to evolve and compete in the age of the customer.
But with data comes risk. And amongst all the shiny new gadgets and technology, organisations getting caught up in the race to compete with global brands such as Amazon and Netflix, comes the real risk of a lack of focus and investment in some of the more fundamental parts of data protection.
Data is now a valuable asset and it’s imperative the capture and storage of all data held by organisations has an established and ongoing process to manage and protect that asset. In my two decades of experience working in the Australasian market, examples of best practice are few and far between due to legacy systems, lack of governance and an absence of a ‘data steward’ to own this risk.
The recent spate of cyber-attacks targeted many large, recognisable brands and caught some organisations short. Thankfully, the second-wave outbreak that many feared would materialize when we all returned to our offices on Monday morning failed to materialise – but that doesn’t mean it won’t or there won’t be another similar attempt any time soon. Smart hackers know the value of data and will continue to go after it. It’s now more important that companies ensure their data protection systems and processes are robust.
Here’s 8 key things Kiwi businesses can do to ensure their data is safe:
Back up data at regular intervals and store in a safe haven
Limit access to data on a ‘need-to-use’ basis to limit exposure
Develop a data hierarchy of sensitive data (such as private customer details) versus less sensitive data
Develop secure and robust protocols around the use of devices for external use; for example only those with administrator rights can download new software
Educate staff and increase awareness
Ensure all machines and firewalls are all up to date with protection in place
Include mobile phones and any BYOD (bring your own device) protocols into your policies and protection as these are an easy entry point for insecure devices to access secure networks
Implement appropriate email sweeping technologies to block such issues
While this may sound basic to many large businesses, the risk is more real to the thousands of Kiwi SME’s who can just as easily be targeted, but are less likely to have any data protocols or back-ups in place.
Cyberattacks are reportedly now five times more likely to impact us, yet the least insured against. As the various forms of attacks continue to evolve, the risk is very real and the next wave is now not an ‘if’ but a ‘when’.
Don’t wait to be a victim – make sure your data is protected.