Do’s and don’ts of data security

Female using phone and tablet
By Graeme Gordon, CEO IFB

25 February 2016

ICAS Partner* IFB explains why data security is so important and what you can do to improve yours.

Data security - we all know about it but how far should we go to protect our business data?

Accountancy firms come in all shapes and sizes and for many a belt-and-braces approach to data security can’t always be implemented. Budgets may be limited and expertise may not be available. How can businesses be proactive in putting the right level of data security measures in place to ensure data is kept safe, whilst not breaking the bank?

Accountancy firms use and store vital information about clients and their financial information that in itself is attractive to cyber criminals, as this type of information equals money! Accountancy firms must embrace technology in order to be a successful modern, digital business. But at the same time must be vigilant and have the right level of data security policies in place.

A recent study by PWC found that there has been an increase in the number of both large and small organisations experiencing breaches. Ninety per cent of large organisations and 74 per cent of small businesses reported that they had suffered a security breach.

The average cost of the worst single breach suffered by businesses surveyed has gone up sharply for all sizes of business. For companies employing over 500 people, the ‘starting point’ for breach costs now commences at £1.46m, an increase from £600,000 the previous year. Small businesses do not fare much better – their higher end has more than doubled this year to £310,800.

Therefore you should expect that you will be compromised on some level. It may not be a large scale attack, it could be something as simple as a disgruntled ex-employee taking a file or transferring a document across an unsecured network. So, what precautions can your business take to minimise the chance of business critical data getting into the wrong hands?

Prioritise data and identify the business critical areas

It is not about building a high wall around your entire data estate, it’s about prioritising business critical data and  making sure the most valuable content is stored in harder to reach places. Don’t give the safe keys to everyone! Only allow access to business critical data to those who really need it.

Educate, educate, educate

This may sound simple, but educating employees about how they should look after company data and what the potential consequences are if they do not is vital. Make employees aware of security breaches in other companies to show how often simple mistakes can have detrimental effects on data ending up in the wrong hands.

Doing something as simple as sending corporate data from a work email to a personal email account can be dangerous to a company. By sending it across an unsecured network, the company opens itself up to a whole host of potential issues. To combat this problem, ensure suitable training and policies are in place so that employees understand how to communicate safely from one network to another.

Simple precautions are the secret to avoiding disasters and all businesses will benefit from this advice. As technology advances by the second, it’s important to remain one step ahead of the game at all times.

Don't forget to backup

When companies talk about data loss scenarios they envisage burning buildings and flooded basements, but these are worst case scenarios. The smaller and more common issues such as simply deleting a document or folder from the network can be disastrous if the correct procedures are not put in place. Data should always be backed up, on a regular basis. By keeping data off site, data is protected in the case of a major disaster and/or theft. Regular back-ups ensure that data is retrievable, should it be deleted accidentally.

Encrypt data where possible

A way to combat online security breaches is to encrypt as much data as possible. This ensures that by the end point of encryption – whether it’s on a tablet, a server, a memory stick or a portable device – it’s much more difficult for that data to be re-purposed or re-used in anyway.

About IFB

IFB understands the responsibility financial companies have in protecting their sensitive data. We have build our backup and recovery platform to the highest standard, using industry leading software and hardware to ensure our clients have peace of mind their data is secure and safe at all times.

IFB is offering preferential rates for ICAS members on Data Backup and Recovery to make sure your business is not seriously affected by a data breach. Learn more >


  • Technology

Previous Page