Protecting Your Data
How do you ensure your information is secure and protected? Picture this. You’ve been working for weeks on a piece of work. You’ve spent hours and hours drafting, redrafting, tweaking, refining and redrafting again. You have that piece of work as good as it’s going to be. Then, your drive corrupts. The file is gone.
Do you A. Panic, call anyone who remotely works in IT, die a little inside from all that work gone? OR B. Go to your backup and retrieve the document?
Far too many people are an option A. There is no backup plan for their work. Backup is a word other people use to scare you into thinking you may have a problem in future. You spent good money on what you use – you’re not cheap! It’s built to last, reliable, sturdy.
Businesses cannot afford Option A. It not only causes legal issues but looks unprofessional to clients. Looking back even 7 years ago, online storage was not that common. With the rise in cloud storage services like Dropbox and Google Drive and the ability to sync data across devices, online storage has become the primary means of storage. The General Data Protection Regulation (GDPR) has affected how these services store information, although we won’t go into further detail in this article.
Where is your information stored?
But where is that information stored? The idea of ‘cloud’ storage was an amazing concept, but physically that information goes somewhere. Physical data banks exist around the world to hold your information, but it’s not entirely clear where your information is. We know data breaches happen – some major security breaches in 2019 were Canva, Capital One and Facebook.
Security is not just about being hacked, it’s also about poor security. Businesses need to know where information is, how it’s accessed and who has access to it. If you can’t answer these three points at this moment, find out ASAP.
Decide where you will store your information
There is no 100% foolproof way of securing data online. If it’s sensitive and critical to you, don’t put it online. Keep hard drive backups and have a daily update routine (this could be minute by minute depending on how much information is generated). This is how businesses did it prior to online storage but online storage has made it so convenient to manage your information.
Where your information is, is one part of the process. How you use that information is another element. A great filing system is structured, makes it easy to find information and only gives access to those that should have it. We are all guilty of saving to Desktop or the most convenient place and thinking ‘I’ll file that later’. Weeks may pass and the document is still sitting in the same place, unmoved, forgotten.
Filing name bad habits
Another issue is bad filing name habits. What you remember at the time, such as ‘List of clients 12/8’ will make sense but if you look at it when you go to file it weeks later you will probably have no idea what that means. File names need to be succinct, dated, and if possible version controlled. ‘20190812 List of Active Business Clients for Blue Ninja v3’ means you know when the list was run, what’s on it and that you’ve done this twice before, assuming you have an Archive and Destruction policy for previous versions.
Information Retention and Destruction – do you have a policy?
What do file names have to do with information security and protection? It means you may not accidentally delete something important, or that you are not holding information longer than necessary. Let’s assume that you’ve got a list of clients, at some point those clients will no longer be active. By being GDPR compliant you should not hold information on your client longer than necessary. Financially you must hold certain information for a period of years.
By knowing when something was created you know when you should destroy it. A process for retention and destruction of documentation should be a part of every business’s information strategy.
Be Vigilant and Information Savvy
It’s up to every business to be vigilant about what storage system is used, making sure it is compliant with legal data regulations, backed up, and knowing what is being saved and when it should be destroyed. Businesses who don’t do this are at risk and inevitably will run into problems down the line, be it legally or in wasted time and money spent on trying to locate information. Know who has access to what information and what they are using it for.
Let us know in the comments of any other data hacks that you have heard of and your thoughts.