Prevent data theft from your system
Your sensitive business information may be stored on a portable storage device, which means it could be transported out of the office.
USB drives (also known as jump, flash, pen, memory or thumbnail drives), MP3 players, mobile phones and digital cameras can store a lot of data. These devices have relatively large storage capacity given their small size. For example:
- A thumb-sized memory stick can store two gigabytes or more—enough for a personnel database and hundreds of Word documents.
- Many phones, Personal Digital Assistants (PDAs) and cameras can be connected to personal computers with a cable or infra-red link and can be used to transfer computer data.
- With broadband internet connections, employees can email vast quantities of data out of the office without anyone knowing.
- A portable music player could store 60 gigabytes of data—enough to copy a typical hard disk.
The risks to your business can include:
- A salesperson quits and takes your customer database with them.
- An employee sells private data to another company or criminals.
How to protect your data
There are a number of techniques that you can use to protect your data:
- Conduct a risk analysis. Look at the kind of information that is stored on the company networks, including who has access and what would happen if they were able to take it out of the office.
- Restrict access. Determine people's access to data on a need to know basis. Does everyone need full access to the customer database or accounts? Can you give people more limited access? Use passwords to protect sensitive information or files.
- Have clear policies. Outline what employees can do with confidential or business-critical data. For more information see Train your staff.
- Remove access. You can simply ban these devices, block USB ports on computers so they can't be used and remove CD drives.
