You might think the most important thing you can get from any customer is their money. While this does pay the bills, any data they provide you with is just as important. If any of that information is misused or stolen, you could be faced with a big fine and irreparable damage to your brand. Here are three ways to control who can access your sensitive data.
Two-step verification
The old saying suggests that to solve a problem, two heads are better than one. When that problem is security, two methods of protecting your data is a lot better than one. Virtually every account we have online is protected by a password. Many websites demand that we add things like numbers, capital letters and even special characters to make the password as complicated to guess as possible.
The problem is that often cybercriminals don’t need to guess your password. If your password is stolen by a hacker, either by accessing one of your accounts or hacking a company that holds your details, they have everything they need to access your account no matter how complicated your password is. That is unless you have added a second layer of verification to your account. Many popular email and social media accounts now offer two-step verification. This means once they’ve sent you a password, they’ll text you a code to your phone that you then need to enter onto the website. That way as long as you’re in possession of your phone, you’ll be the only one that can access the account.
Install a security broker
If you and a group of colleagues all need to access and work on the same sensitive data together, it’s common to store the information on a cloud. This means that anybody from your company can access the data at any time of the day from anywhere in the world that has internet access. While many see that ease of access as a blessing, when it comes to security it can often be a curse. Allowing so many people to have access to the data in so many ways can increase the likelihood of one of your team either accidentally misusing the data or even worse, purposefully accessing the data with malicious intent.
To make sure your cloud is fully protected, make sure you install a security system. For example, the Cloud App Security Broker designed by Proofpoint allows you to increase the restrictions on the data. You can give different members of staff different levels of access to files, so you can protect your most sensitive data from all but a few carefully selected colleagues. The system also allows you to check suspicious logins and activity so if one of your colleagues is using the data inappropriately, you will soon be able to track down who it is and exactly what they’ve been doing.
Don’t send the details over the internet
It’s important that only you know the passwords and other methods of accessing personal data. While it might be tempting to email them to colleagues, you have no idea exactly how secure their email account is and whether it is indeed them asking for the details via email. Where possible, only share security details face to face so you can be certain who you are telling them to. If you can’t meet face to face, use a method that is difficult to hack like a physical note, a phone call or even a letter in the post.