Businesses used to fret about sensitive documents, often keeping them stored under lock and key in safes, desks or file cabinets. Today, so much data is exchanged electronically that hardcopies are usually produced only when necessary.
Businesses used to fret about sensitive documents, often keeping them stored under lock and key in safes, desks or file cabinets. Today, so much data is exchanged electronically that hardcopies are usually produced only when necessary. But the need to protect this information is more important than ever, particularly since so much data is being stored in the “cloud”—on Internet servers rather than on-site.
Already, nearly a quarter of small and medium-size business data resides in the cloud according to software security firm Symantec.
While cybercriminals rank highest among the threats to cloud-based data, Symantec recently assessed the many routine ways by which file-sharing can increase the vulnerability of sensitive data falling through a proverbial “digital crack” and ending up in the wrong hands. Among them:
Mobile Devices. Symantec found that 54 percent of employees are now relying on mobile devices for line-of-business applications. Because employees may be using their own phones or tablets, it can be difficult for companies to control data that is accessible by mobile devices. Countermeasures such as remote wipe (erasing all data on a device from a separate location) or locking access to shared folders can help prevent data breeches, and limit the damage in case a device is lost, stolen or misplaced.
Competitors. More accurately, the source is a former employee passing data to a competitor. According to Symantec, more than half of employees who stole intellectual property, did so by using email, remote network access or network file transfer to remove the data. A small business should establish clear policies on data ownership, and aggressively pursue any employee who violates them.
Cloud Vendors. When evaluating cloud vendors, make sure you can instantly remove access or wipe information once an employee leaves. Also assess how much the vendor emphasizes data privacy and security. A small startup vendor may be less expensive than a well-established firm, but also lack the resources and commitment to fully protect their customer’s data.
A good source for keeping up with cloud security trends and protective measures is the Cloud Security Alliance (cloudsecurityalliance.org), a not-for-profit organization dedicated to promoting the use of best practices for providing security assistance within cloud computing. The website offers several downloadable guides and reports to help you shape a security strategy suitable for your small business.
To learn more about technology issues facing your small business, contact SCORE “Mentors to America’s Small Business.” SCORE is a nonprofit organization of more than 12,000 volunteers who provide free, confidential business mentoring and training workshops to small business owners. For more information, contact the Lake of the Ozarks SCORE Chapter at LakeOfTheOzarks.SCORE.org, by e-mail at firstname.lastname@example.org or call 573-346-5441.