Are you ready for the holidays? As everyone wraps up for their holiday break, have you ensured that your organization is set to handle anything and everything when it comes to security while you’re out of the office? Stay ahead of the game by following our quick holiday security checklist. And don’t forget to check it twice!
1. Office Closure
With many offices closing over the holidays, employees are more likely to remove devices (such as laptops, tablets and other equipment) from the office. This can lead to devices that are misplaced, lost, or used incorrectly - creating the perfect environment for a data breach. Prior to any closures, make sure to review which employees have access to your sensitive data across all levels. This helps to ensure that only the correct employees have access to critical information, reducing the scope of your risk. This is especially important over the holidays, when people tend to be more lax, and security slip-ups are more likely to occur. It’s always worth a quick reminder to all staff to be extra vigilant with items like laptops and phones at this time, leaving it on the seat of a car “for just a minute” is an invitation to conventional criminals. The same is true for cyber-criminals who look for ingenious ways to entice people to download malware which will target their machine. Our recent Clearswift Insider Threat Index found that 35% of employees say they have access to information above their pay grade, demonstrating the importance of proper security clearance measures. Making sure information is on a ‘really, really need to know’ basis can help reduce and contain risk.
Another way to prepare yourself for an office closure is to review the security policies you already have in place. Reviewing these with employees before they leave for the holidays will leave the information fresh in their mind, which can help to reduce the growing ‘insider threat.’ We have found that 44% of employees don’t follow data protection protocol, making it critical to review policies. Handling a data breach with a full staff in-office is hard enough, so it’s critical to review policies to reduce the risk of a threat when the office is empty and employees are unavailable or working remotely.
2. Working Remotely
Since your office will likely be closed for a period of time over the holidays, many employees will be bringing work home with them and working remotely. This creates an increased risk of a data breach. As more workers need remote access to documents on the road, more opportunities are created for hackers to invade, or for employees to unintentionally expose critical information such as marketing plans, new product information, proprietary codes or unpatented information.
Our Adaptive Redaction technology, can help put a final stop in place for when other security measures and training fall short. This can help offer peace of mind while preparing for the holidays – and in general! Adaptive Redaction makes it possible to overcome the traditional ‘stop and block’ nature of DLP by automatically removing the specific content which breaks policy – leaving the rest of the communication unhindered and keeping your business communications flowing. With Adaptive Data Loss Prevention the risk of financial or reputational damage by the unauthorized disclosure of sensitive data is mitigated. Through preventing attacks and protecting your sensitive information, A-DLP enables better collaboration with your partners and customers, as well as, keeping your critical information safe, providing security that enables your employees rather than working against them; which is particularly crucial when working remotely.
3. When all else fails, have a back-up plan
It is important to anticipate data breaches and be prepared in case they should occur, and on the off-chance that all of the prior preparation doesn’t prevent one from happening, it is also important to have a protocol in place in the event of the breach. You should make sure to ask yourself these questions:
- Do you have a point person in the event of a breach? Who gets notified and who takes action in the event of a security breach?
- What is the first immediate step that will help to minimize exposure? What is the protocol in place to lock-down and minimize the damage from a breach?
- What are the guidelines that your employees must follow? Is everyone aware of their role and necessary actions?
- Do you have a communications plan in place both internally and externally?
- How will you notify the parties affected?
- Do you have a response team in place?
These are just some straightforward tips to help you get through the holidays as securely as possible. We at Clearswift are here to answer any of your data loss prevention questions, and we wish you all a happy and safe holiday season!