In this article, LIFARS outlines the best practices toward protecting your organization from data theft. To understand why data theft is a concern during employee departures or attrition, click here.
The best way to protect your organization is by proactively introducing and establishing a number of best practices.
A number of them are as listed below:
- All sensitive and confidential data must be encrypted at all times. This is crucial.
- Organizations must also maintain complete oversight into sensitive data to ensure they’re aware of where such data is being stored.
- All emails should be archived.
- A proper backup and recovery policy is vital. All data should be secured and backed up in an accessible or centralized location. A recovery plan is essential and needs to kick in if or when an employee modifies or deletes any data.
- Have a policy to strictly limit and manage employee access to sensitive data by department, role and function. Ensure that access is limited only to content that is required for the job and role.
- Stick to stringent security policies that require appropriate authentication for sensitive data. The data is further secured with policies that could alert or require approval.
- Ensure a proper use of email and company-owned devices. Employee training is critical on these policies, with a signed acknowledgment form.
- Keep employees from installing their own applications, mobile apps and other software as they are vulnerable to malware and ransomware.
- Train management to the extent that when an employee vacates the company, the exit process is handled in a professional manner to avoid malicious or inadvertent loss of data.
- Develop policies for BYOD (Bring your own Device) to have personal devices secured at all times.
Image credit: LIFARS archive.