Tips to Prevent Data Breaches in Your Business


Did you know that simple human error was responsible for more than a third of data breaches in Australia in the last year, according to the Australian privacy commissioner?

35 per cent (35%) of breaches were the result of human error, nearly two thirds (60%) of data breaches were found to be the result of malicious or criminal attacks, and only 5 per cent (5%) were attributed to system faults.

Data breaches pose a significant threat to many Australian businesses, and since mandatory reporting was implemented, they can also result in costly fines.

We’ve outlined the practical steps your business can take to implement best-practice procedures and prevent a data breach.

1. Store Only What You Need

Audit the current client / customer information you gather and where this is stored on your servers. Identify only what you need, and don’t collect additional unnecessary information. Minimise the number of places this personal data is stored.

2. Destroy Data Before Disposing of it

Destroy hard copies of records such as DVDs, USBs, and other portable storage devices. Deleting files does not erase customer data, so use software custom-designed to permanently wipe a hard drive, or physically destroy the drive using a best-practice process.

3. Protect Your Data

Restrict access to only those employees who need access. Conduct police or background checks before hiring new employees, and never give temporary contractors or vendors access to personal information. Ensure physical records are stored in a secure location.

Implement password protection on all devices and train staff to never leave electronic devices unattended. Ensure ‘strong’ passwords are mandatory, and changed regularly, and ensure staff work remotely only on company computers.

Don’t permit your employees to use file-sharing websites, block access to inappropriate websites, and do not allow staff to upload unapproved software to company devices.

4. Train Your Employees

Simple mistakes are by far the biggest contributor to human error data breaches in Australia! Emails sent in error to the wrong person were responsible for over 90% of human error incidents, and forgetting to ‘blind copy’ (bcc) was also a contributor. Implementing simple procedures, such as reminding staff to double check addresses before sending or having a colleague check an address, can easily mitigate such errors.

Create security and data policies and procedures and educate all staff about these procedures, so they understand types of information that are sensitive or confidential, and their responsibilities as employees to protect this data.

Ensure procedures include things like:

  • Locking computers when unattended
  • Logging off computers
  • Storing files securely e.g. locking filing cabinets
  • Keeping passwords secure and never sharing them

5. Encrypt Data Transmissions

Ideally, encrypt all data including email. Avoid using Wi-Fi networks, especially unsecured networks in public spaces, such as when staff work in coffee shops with ‘free Wi-Fi’.

6. Maintain / Update Software

Implement best-practice security software, use firewalls, and ensure security software such as anti-virus and anti-spyware software is kept up to date. Engage a reputable IT Services company to manage your security, and follow their advice regarding vulnerabilities and associated patches.

7. Closely Monitor and Control Use of Portable Media

Be wary of the use of portable devices that are more easily lost or stolen, and automatically ‘sync’ with desktop or laptop computers. Ensure these devices have strong password protection and encrypt the data that is downloaded to these devices.

Don’t Wait Until It’s Too Late

Sadly, many businesses only care about security after they have been attacked or have suffered a serious data breach, which can be a costly legal, business and compliance issue.

This can be effectively mitigated by following the above best-practice steps, and engaging a reputable and experienced IT company who can help manage your data security.

If you’d like any further information or assistance with your cyber security, or you don’t know where to start, please call us on 1300 478 738 or email us at info@suretyit.com.au.


About the author:

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.
