Most businesses are now reliant on the internet for their operation, and therefore, the amount of information and data they are handling has increased dramatically. Most organisations find themselves dealing with large databases stored on sophisticated computer networks and cloud services. This can be a significant change for many who, a few years ago, were using only paper files.
Many of us have benefitted from the boost to productivity that speed of data transfer has bought but, keeping it safe is an increasingly complex challenge. Data breaches can negatively impact on your business, and put you at risk of legal action from clients who have had their data compromised.
They are in fact two very different things. Data refers to simple facts and figures, like a number or a word. On its own, data does not mean a great deal, and is of limited value to a cyber criminal. However, data can be processed, organised, interpreted and presented so it is meaningful to the user, at which point it becomes information.
Let’s take Santa Claus for example. His database will be full of information about nice and naughty children all around the world. A piece of data from that database might be ‘rollerskates’, or ‘Noah’. On its own, those words don’t mean much. However, when Santa’s elves run a database query and pull a child’s full record from the database, it becomes useable information.
The types of information stored by businesses varies massively. Currently, the most common types of data stored include customer, user or patient information, sales transaction records, and internal business information such as research, communications, and trade secrets. All of this information can be valuable and, if users by cyber criminals, your business may be liable for any losses that your customers incur.
Cyber criminals will attempt to obtain any information that is profitable or useful - even items that do not seem valuable to you. Some are malicious, and will obtain information that damages a business in some way. The most valuable types of data and information include:
The consequences of a data breach will be wide-reaching and unpredictable. If the general public are aware of the breach, the reputation of your business may suffer. Customers may choose to go elsewhere if they believe their data is unsafe, and may even sue your business.
If cyber criminals steal internal business information, your business may be blackmailed. Cyber criminals may intentionally leak your confidential information online, putting your business model at risk.
To protect your business’ data and information planning, it is crucially important to educate your staff on cyber security and the risks presented. Cyber criminals often gain access to a business’ computer network because a staff member has made a mistake, such as using a weak password or opening a phishing email. Some key steps towards better data security include:
Next week, we will be looking at the incoming General Data Protection Regulation (GDPR) and the steps we are taking to help our clients ensure that their organisation is compliant and protected. If you would like help navigating GDPR, please get in touch with one of the team at Integrated Resources today.