|
 |
 |
| Top 10 Tips for Protecting Business Data |
|
| nacsonline.com/ezpci. |
|
1/28/2010 -
CHICAGO – According to the Federal Trade Commission, approximately nine million Americans have their identities stolen each year.
Data theft is a growing issue that can cost consumers and businesses millions of dollars repairing the damage to their name and credit record. In honor of Data Privacy Day, celebrated on Jan. 28, Cintas Corporation put together a list of 10 tips for protecting business data:
1. Implement a document management program. Identify the types of documents considered confidential and train co-workers on responsible information-handling practices. Restrict co-worker access to these documents and discourage printing of confidential data unless essential.
2. Implement a document retention schedule. Identify the amount of time to retain specific documents. Store these documents in a secure place until the retention period expires. A secure place restricts access to co-workers who don’t have a need to access such files. When the retention period is complete, have the documents shredded by a trusted and certified company.
3. Regularly shred sensitive documents. To protect sensitive information, consider a shredding service that destroys business documents onsite on a scheduled basis. These companies place secure storage containers in easily accessible and identifiable locations to make it convenient for employees to shred documents. This limits opportunities for employees to make judgment calls on which documents should be shredded. If in doubt, shred.
4. Keep documents securely offsite. In addition to outside hackers, valuable employee or customer data may also be compromised. To prevent an unauthorized co-worker from accessing data, keep non-essential documents offsite, further limiting potential access.
5. Limit acquisition of confidential customer data. Review the type of customer data your business collects. Unless it is integral to the business transaction, avoid collection of information such as customers’ social security, bank accounts or driver’s license numbers. If the information needs to be gathered, restrict access to only those co-workers who need the information.
6. Use password protection. Protect files that contain sensitive data, including payroll, customer and financial information with passwords. Make sure your co-workers change passwords on a quarterly basis at minimum with a combination of six to eight numbers and letters in upper and lower case to further the reduce the opportunity for passwords to be compromised.
7. Install and update virus protection software. Virus protection software is the first step in preventing a worm or virus from distributing files or other stored information from a computer over the network. Make sure employees regularly check for software updates so computers are protected against the latest virus threats.
8. Clear data before disposing of old computers. Even if a computer is no longer used, sensitive data is still available on the hard drive. Potential hackers or data thieves could prey on such data. Use software programs to wipe the data or identify a data destruction vendor that will physically destroy the hard drive.
9. Review company credit card statements. Company credit card data can be compromised just as easily as consumer data. Before paying bills, make sure each employee has reviewed each item to prevent unauthorized charges. If unauthorized charges occur, be sure to notify your credit card company all three credit bureaus to protect your credit.
10. Limit use of file sharing programs. While an effective way to collaborate and share documents, file-sharing programs can also expose a computer to hackers. If they must be used, make sure the system is protected by strong firewall and virus protection software that is regularly updated.
To learn more about data protection and other related technology issues, such as PCI compliance, plan on attending NACStech, May 5 to 7 in New Orleans. Register today at nacstech.com.
Also, NACS recently launched its latest PCI compliance tool: NACS EZ PCI. This new product simplifies the PCI compliance process so you can complete the self-assessment questionnaire (SAQ) with speed, ease and confidence. The tool automatically scours your SAQ for compliance errors, scores your security level and provides plain English help for correcting issues.
NACS EZ PCI provides $50,000 in breach insurance coverage per site, even if you are determined not to be in compliance at the time of breach. Qualifies Security Assessors are just a click away to answer your most pressing questions.
NACS members pay a low $119 and can upgrade to a "Plus" version, which includes a quarterly schedules cyber attack simulation and a report on potential vulnerabilities in your network. The advantage of covering all of your PCI compliance requirements with a single integrated product and services solution like NACS EZ PCI is priceless. To learn more and to place an order, visit nacsonline.com/ezpci. |
|
|
|
