Safeguarding data is a crucial step to take in the current climate.
I would guess that there aren’t many business owners or senior executives that would dream of leaving important company files open and spread on the desk for others to see when they have left the office. Whether it is important information about their own business or about their suppliers or customers.
Nor would you see the same people take files out of the office and leave them in plain sight, say, on a train, unguarded, during the journey.
It’s second nature for most people that such information is sensitive and is held in trust by the owner – and that it should be put away in a locked filing cabinet when not in use.
Data held in digital form is of course just as valuable – and actually, easier to lose to a malicious agent of by distraction and carelessness.
There are many methods that we deploy to ensure the security of data held in corporate systems. These include the assigning of appropriate permissions to the data, storing it in a secure location, either locally or in the cloud, and encryption. Validating access through the use of multi-factor authentication is also a crucial method of securing data.
However, individuals can compromise security by not being vigilant to phishing attacks, using unsecured public wireless networks, and by the ignoring simple precautions because of convenience. An example of this is using a USB key to copy important data to pass to colleagues, and then failing to remove the files from the USB key afterwards.
In this case, the best advice would be to not use USB keys at all for critically confidential data.
In the past it could be that such a data loss was inconvenient and embarrassing. Now, of course with GDPR, it could be costly and reputation damaging. Treat all your data as you would a confidential file in the office!