securitywing

Top 10 Ways to Prevent Data Leak

by

Who wants to lose his sensitive and confidential data? The answer is everybody wants to avoid embarrassing situation and to keep his data safe. Fortunately, you can avoid losing your data by following a few tips. What you have to do it to remember the following tips by reading it 38 times. Yes you heard it right.

  1. Identify your important data: you do not have to protect all of your data because some data pose no threat if they fall into the wrong hands. At first, identify the data that you think sensitive and should be protected against any leakage. Example of sensitive data can be your bank details, customers’ details, product design etc.
  2. If nobody has access to your data then you, probably, have no threat of losing it. But when a number of people have access to your data, your data is more prone to make it into public. Can you trust the person who has access to your data? Remember that only a few of those who have access to your data may actually use it, and the others do not need it. So, allow access to your data to those people who only need it. The need to know basis access can minimize the risk of data leak significantly.
  3. You may have to send your data to outside for various reasons. It can be in tape backup or any other backup media, USB drives, hard disks or in your mobile phones. Data is always at risk when they are on the move. Before taking data outside, encrypt it with strong password so that even if you lost it, you do not lose its confidentiality.
  4. When you transfer data or any information via Internet, you may lose its confidentiality if some sniff it or get it by any mean. Sending an important email with sensitive information attached to it may fall into the wrong hands or even you may send it to the wrong address by mistakes. Sometimes, people use an email distribution list to send email. Take extra care when you email and check your distribute list. Send the email to those who only needs to read it.
  5. Sometimes, people take print out of financial information to analyse it carefully, but they forget to destroy it properly. Burn or destroy your unwanted papers so as it become irretrievable.
  6. People tend to replace their mobile phones, laptop or storage device quite frequently because of quick development of new technologies. No matter why you want to replace your mobile phones, you should always destroy the data stored in your old device. Remember that by simply erasing data is not enough. A number of data recovery software exists in the market that can recover data even if you format your data disk. Therefore, delete or destroy your data properly before you throw out your old phones of computers.
  7. Identify the process that is used to process sensitive information. Make sure if the process has any vulnerabilities.
  8. Identify the endpoints that carry data. Your mobile phone or laptops, which are more likely to be stolen, may store sensitive information. Ensure the security of your endpoint devices and encrypt valuable data with strong encryption algorithm.
  9. Run a data loss awareness program in your organization. Send out an email explain the ways that may lead to data loss. If possible spoof an attack so that you can identify your colleagues who are likely to cause data loss. Run data loss drill program once a month so that everyone take necessary measures to prevent data leak incidents. Give proper briefing and training about data loss to the new employees.
  10. Make a list of all the location where you keep your sensitive information. Also make a list of devices that are used to store important data. If you have to give access to your data to third party organization, you need to be aware that they pose a threat to data leak. Also, make a list of all the staff in your organization that has access to sensitive data. Now, you know that from where and by whom you data may get leaked.

 

By not considering the risk of data loss seriously, many business lost their credentials and reputation. Therefore, start your data loss prevention program, if you already have not done so, by following the tips provided in this post and do not forget to share your feedback with us.

Related Posts:

Syras is a telecommunication and IT security professional with over 10 years of experience in this field. He has been running his personal blog Securitywing.com since 2010. He has the following certifications:

  • CISA(Certified Information Systems Auditor)
  • CCNP(Cisco Certified Network Professional)
  • Prince2( Project Management)
  • Machine Learning

 

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

audit AWS backup basics browser check cisco cloud computer configuration database email encryption firewall gmail hsrp ids iis informaiton internet it linux load balancing malware microsoft network protection redundancy risk router security security tips server ssh SSL switch test tools vpn vrrp web webserver website windows wordpress
banner