Data Encryption – What You Really Need To Know

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

In today’s digitally driven world, far too many personal and business devices are left unsecured. These devices don’t leverage strong passwords and fail to have the encryption needed to protect vital data.

Whether companies choose to store data in public, private, or hybrid clouds, they should always ensure that the data is encrypted before it leaves their devices or networks.

Additionally, when employees think that “this data isn’t important,” they are creating the weak links that hackers need to successfully infiltrate a device (or network) and subsequently steal unencrypted data, upload malware attacks, and otherwise wreak havoc on unsuspecting businesses.

Why Should Businesses Encrypt Devices?

The primary reason that businesses need to encrypt all devices is due to the sensitive data that they hold. Take, for example, Amarillo, Texas which said that one of the companies in charge of a security payroll audit for the city lost a flash drive containing city employees’ names, bank deposit information, birthdays, social security numbers, and addresses.

Secure Device Configuration

When devices are not correctly configured, then it doesn’t matter if your company has robust security protocols. With this in mind, securing devices is made easier when your business follows these vital steps:

• Lockdown any services, including remote management systems, that you are not using.
• Disable and/or change the default settings on ports.
• Prohibit the use of outdated web technologies. In this vein, Java, NPAI, and Plugins need to be kept up to date to avoid any potential security vulnerabilities.
• Create strong passwords.
• Leverage encryption for any and all business data and devices.

It is important to note that you must complete all of the above steps. For example, if you use a strong password, but fail to properly encrypt your device, then it could still be subject to theft or hacking attempts.

Fortunately, there are three additional steps that you can take to further protect your vital business data and devices.

3 Steps To A Strong Configuration

Securing your essential business data is made easier when you complete the following three steps.

1. Strong Passwords And Encryption — Did you now that in 2017 81 percent of hacking-related breaches were due to stolen (or weak) passwords? In this vein, you must ensure that your employees are following password best practices. It is especially crucial that sensitive data sent via email or stored on the cloud is appropriately encrypted.

2. Endpoint Protection — Endpoint protection will require you to complete plug-in and browser updates, use an up to date anti-virus software, and implement a proven use Data Execution Prevention (DEP) and use Endpoint Threat Detection and Response (ETDR) that has been customized for your business needs.

3. Restrict The Number Of Login Attempts — When an employee has an infinite number of login attempts, then their “strong password,” is made null-and-void. Instead, you should limit the number of login attempts to business devices or networks.

As an added level of protection, you should ensure that employees can only access portions of your system from approved devices.

The Bottom Line: Take The Steps Needed To Encrypt Data And Devices

If you want to ensure that your business data, devices, and networks remain secure, then you need to use the proper encryption methods.

Through endpoint protection, a restricted number of login attempts, secure passwords, and encryption best tactics, you can keep your vital business data safe from hacking attempts.