Last week, Yahoo came clean about a 2014 data breach that saw hackers stealing information associated with at least 500 million Yahoo user accounts. This data breach has been described as one of the largest cybersecurity breaches in history.
According to the technology company, the stolen information includes names, email addresses, telephone numbers, dates of birth, passwords and, in some cases, encrypted or unencrypted security questions and answers. Fortunately, no confidential financial information such as bank account numbers and credit card data was included in this stolen information. Yahoo believes that a “state-sponsored actor” is responsible for the breach, meaning that the hack was undertaken by an individual or group acting on behalf of a government.
The reality is that no business or individual is safe. If you aren’t aware of the risks modern businesses are facing at the hands of hackers and cyber criminals, it’s time you get clued up. According to a 2015 study by IBM and the Ponemon Institute, the average data breach costs a company about £2.37 million. And this estimate doesn’t factor in the reputational damage, impact on brand image and loss of valuable business opportunities that can occur.
Businesses need to be prepared, or risk massive financial loss and reputational damage. Here are a few things you can do today to up your data protection game.
Establish clear data protection policies and procedures
It’s important to remember that sound data protection policies are as much about recovering sensitive data in the event of a breach as they are about preventing critical business information from being exposed in the first place. Your workforce must understand the importance of data protection and the risks associated with data loss. A culture of accountability should be created so that people understand the possible ramifications should they behave negligently. These policies and procedures are also essential because they ensure that the organisation, and everyone within it, are always adhering to broader data governance standards.
Be mindful of backups
If you aren’t regularly backing up corporate data it’s only a matter of time before crucial business data is lost. Data loss halts productivity and can tarnish the relationships you have with your customers. Did you know that 62% of small businesses fail to regularly backup their data? To take the hassle out of data backups, and to ensure your critical business information is always protected, it’s best to automate the process. Partnering with a trusted cloud service provider or storing information on off-site servers is a great way to protect information against data loss due to PC failure, viruses, human error, theft or natural disasters.
Be aware of the threat within
Employee negligence costs companies money. Roughly 95% of all security incidents involve some sort of human error. One of the best ways to reduce the risk of human error is to provide proper data protection and security training for all staff (have your staff read this checklist on how to identify a phishing email). Beyond this, all employees must be monitored to identify unusual behaviour before something goes wrong or before important data goes missing. Sadly, malicious employees do exist and they can cause significant data breaches if you’re not keeping an eye on everything that is happening within your organisation.
If your business doesn’t have the right data protection and security systems in place, you run the risk of losing critical business information. Our business continuity and disaster recovery strategies offer you a high level of protection against any eventuality – before, during and after it happens. For more information about our IT services, get in touch with us here.