Did you know January 22nd through January 28th is Data Privacy Week? Data Privacy Week is a relatively newer event that originated from what is known as Data Privacy Day, which is January 28th. To learn more about Data Privacy Day and the beginning of Data Privacy Week checkout this great article from the National Cybersecurity Alliance.
What is Data privacy
The phrase “data privacy” can mean different things to different people, but I like this definition from Cloudflare, “Data privacy generally means the ability of a person to determine for themselves when, how, and to what extent personal information about them is shared with or communicated to others. This personal information can be one’s name, location, contact information, or online or real-world behavior.”
It starts with you
It starts with an understanding that protecting and safeguarding the information your business has access to is important. Protecting this data helps create a level of trust with your business and its customers, partners, employees, and even the community in which your business is located.
Identifying data types
Not all data is the same. Different data types have different values and it’s important to identify what data your business has. It’s important because protecting data costs time and money, so you want to protect the most business critical data. The loss or exposure of business critical data can shut your business down, sometimes permanently. Business critical data comes in many forms:
- Personally Identifiable Information (PII) – Social Security Numbers, Driver’s License Numbers, Dates of Birth, etc.
- Intellectual Property – Patents, Trademarks, Design Specifications, Trademarks, Copyrights, etc.
- Customer Data – Client Lists, Financial Accounts, Payment Methods, Account Numbers, Addresses, PII. etc.
- Employee Data – Human Resource Information, Financial Accounts, Addresses, PII, etc.
- Business Operations Data – Emails, Business Strategy, Vendors, Service Providers, Contracts, PII, etc.
Protecting your data
There are numerous ways to protect your data and it is highly recommended to speak to a cybersecurity professional to identify the best ways. In the meantime though, there are steps a small business can take to prepare.
- Identify your data and rank its importance. This is called data classification. There are numerous ways to classify your data:
- High, Medium, Low
- Confidential, Restricted, Public,
- Confidential, Internal, Public
- Utilize Multi-factor Authentication on user accounts
- Reduces risk of unauthorized access
- Have a strong password policy
- Long, complex, unique
- Ensure users/employees have access only to the data required to perform their respective role
- Access of Least Privilege
- Backup your data
- Ensure backup integrity and restoration capabilities
So before the end of Data Privacy Week, create your plan to better protect your business.
Come checkout some of our Client Stories and learn about their successes!