The Risks of Saving Data Locally
We’ve all been there. 50 files cluttering your desktop, versions on top of versions and what seems to be an endless number of folders. While staying organized is crucial, it’s important to understand that storing critical or sensitive data on your computer or local network storage without the proper IT controls in place poses a number of risks.
Whether your computer has a critical failure, is stolen or lost, or your laptop is in the splash zone of that extra large coffee. There are countless ways those files could be gone in an instant.
Image by Backblaze
How Can You Protect Against Data Loss? It’s simple, back up your data to the cloud or alternative physical location on a regular basis. Solutions such as Dropbox, Box, Google Drive, Carbonite, and Backblaze are excellent cost-effective options to automate data backup. In addition, be sure to test your ability to restore data on a regular basis to ensure you’re able to successfully restore data in the event of an emergency.
Unauthorized Physical Access
While your computer, local network storage, or in-office server may be password protected, it, unfortunately, won’t protect against someone with physical access to the hard drive of the device. This is commonly overlooked and can significantly harm an organizations reputation if found negligent. Would you do business with a company who lost your social security number, healthcare records, or other sensitive information?
Image from Medium
How Can You Protect Against Unauthorized Physical Access? Implementing a Whole Disk Encryption (WDE) solution is an easy way to completely protect you in the event your device falls into the wrong hands. Both Windows and MacOS offer integrated solutions such as BitLocker (Windows) and FileVault (MacOS). If you’re looking for a more enterprise-grade encryption solution, Symantec and Sophos offer great options.
Unauthorized Virtual Access
Malware and viruses such as CryptoLocker and ransomware are evolving on a daily basis. In this virtual arms race, hackers are working tirelessly to exploit software and develop automated social engineering schemes to trick unsuspecting users into turning over sensitive information.
Image by Malwarebytes
How Can You Protect Against Unauthorized Virtual Access? In short, it depends… Installing and maintaining a trusted and regularly updated antivirus and anti-malware solution is a must. These come in many flavors and range in cost from free to $30+ a year per device. Webroot, ESET, and Bitdefender offer cost-effective industry-leading solutions that should help mitigate a large majority of potential risks.
In addition, a next-gen firewall appliance with packet capture technology is a great way to ensure devices within your office are protected from malicious traffic entering and leaving your organizations network. SonicWall and Cisco Meraki offer cost-effective solutions that get the job done.
While these are all great IT controls that every organization should have in place, it does not mitigate every potential risk. IT Security is both an art and science and requires a deep understanding of an organizations requirements and legal obligations to best protect their data in a method that cost-effectively addresses and manages risk.