Theft is a concern that practically every business faces. While shoplifting and employee theft represent a majority of the threats that a company must contend with, they are not the most harmful.
When a thief steals a company’s client list or financial details such as bank passwords, the results can be devastating.
For instance, if an identity thief steals a list of customers’ billing records, the company could be at risk of substantial legal liabilities.
In the case of a medical business, if patient records were to fall into the wrong hands, this might lead to hefty HIPAA fines, since companies are now required to protect personally identifiable information.
Being a victim of data theft can also ruin the reputation of a company when news of the breach gets out.
Furthermore, in some states the law stipulates that businesses must warn their customers in the event that this occurs. As with other crime-related issues, the best cure for data theft is prevention, and one of the most critical methods of prevention is encryption.
What is Encryption?
Data encryption is a technique by which computers scramble data so that it becomes unreadable by individuals who are not authorized to access it.
In addition, encryption makes it difficult for other computers to de-scramble the data back into text that is readable by humans or otherwise useful.
This method of hiding data has existed to some extent since the times of the Roman Empire, and in modern times has become extremely sophisticated.
This is due to technological evolution and the constant struggle between security professionals and thieves looking to gain access to data that they are not authorized to see.
As a result, the cutting edge encryption of today will become obsolete over time, which means that it will always be necessary to periodically upgrade one’s encryption schemes.
Encryption Techniques
There are several ways that a business can encrypt its data, and it is important for the company to choose the method that works best for their situation.
Sensitive data that is on a hard drive is vulnerable to physical theft. If someone steals the laptop or computer, he or she has potentially acquired some or all of the business’s critical information. In this case, the thief can be thwarted by encryption at the file level or the whole disk level.
Encrypting emails and important individual files or directories is a method of preventing unauthorized access to data that will be less burdensome on a computer.
Microsoft Windows can achieve this with BitLocker while independent solutions include free software such as Truecrypt. Truecrypt works not only on Windows, but also on Unix-based systems, including BSD and Linux. Whole disk encryption prevents thieves from accessing anything on the hard drive.
Any data that leaves the computer and travels over a network is inherently vulnerable to interception by an unseen third party. Unlike with physical theft, cyber criminals can steal important data without ever setting foot on the premises of the business they’re attacking.
Watch Where You Connect and Who You’re Connecting With
Corresponding with a customer via email or even sending critical financial data to a bank creates opportunities for theft to occur.
In addition, employees working at home are susceptible to interception of their data by unauthorized individuals.
The riskiest medium for network communications, however, is the wireless, or WiFi network. Laptops and mobile devices transmitting data across the open air to a wireless receiver are almost automatically intercepted by other devices.
Encryption for wireless transmissions are, therefore, absolutely critical. Businesses that correspond via email should consider using encryption whenever possible.
Options for email encryption include GnuPG or S/MIME, both of which are free and widely supported by email client software.
Use A VPN For Added Security
Employees who are working at home should always use an encrypted Virtual Private Network, or VPN, to access their data at work.
Encrypted VPNs hide internet traffic inside a regular network, making it hard for thieves to know that important data is traveling over the network.
Employees should never allow their laptops to connect to a wireless network that has anything less than WiFi Protected Access Level 2 (WPA2) security and Advanced Encryption Standard (AES) with Temporal Key Integrity Protocol (TKIP) encryption.
Create and Use Strong Passwords
Regardless of what kind of encryption a business employs to protect its data, it is only as effective as the passwords that the company and its employees use. Passwords that are short and easy to remember are inherently easier to crack than those that are long and complex.
Employees and businesses should never use dates, names, Social Security Numbers, common phrases, or anything with less than twelve characters long, as passwords.
Strong passwords use a combination of upper and lower case letters, numbers, and punctuation marks such as parentheses, brackets, and other characters.
Don’t Let A Data Breach Ruin Your Business- Secure Your Systems Today!
Record Nations can help you find a secure hosted server that will best fit your cloud storage needs, or a document management system to ensure your system is protected while giving you the flexibility to access your files from anywhere.
We work with a team of professionals that provide reliable data migration and cloud services for your business. Our cloud services will keep your records safe and easy to access. Learn how our solutions can help you today!
To get started, fill out the form to the right, or give our experts a call at (866) 385-3706. Our nationwide document management professionals will help you find the right solutions for your business.
