Protecting sensitive data is a basic goal of all IT security measures. Security measures are designed to help protect against identity abuse and support privacy protection.
Data security is essential
When planning new processes, think about data security, both in terms of preventing their operational leakage as well as their backup and protection against unplanned outages.
Plan
Pay close attention to planning, include also data security checks, proper treatment of data, access permission controls, and think about data archiving too.
Get to know your data
Each data has its “value” and its protection should be appropriate to that value, so you need to know what data you are working with and adjust the rules and processes accordingly.
Clean up
Keep only the data you need in normal operation. The unused data you can either safely archive or delete. When archiving or deleting data, make sure that this inactive data is deleted on all computers and other devices.
Keep in mind also the physical security
All security measures and passwords will be useless if you leave your end devices accessible and unlocked, while being logged in to end systems. Also, keep in mind that no thorough password will give you your device back if it is stolen.
Back up your data and also try to restore the data
We have mentioned the need for backup and archiving several times, but all these measures will be useless if the data cannot be restored. Therefore, verify the possibility of recovering your data. It is good to have the data backed up, for example, on a tape, but it is a problem if this tape cannot be used because it is unreadable or the necessary device is no longer available. It’s nice to “burn” the data on a CD-ROM, but it’s a problem if it can’t be read.
Analyse risks
Knowing the risks of disclosure, loss or misuse of certain data will help you make better decisions and set the way how to work with them and how to protect them.
Follow the rules and principles
On this site you will find current internal rules and regulations, as well as basic links to the general rules for working safely with data, computer technology and networks. Learn them and respect them.