{"id":4421,"date":"2017-09-28T13:30:45","date_gmt":"2017-09-28T12:30:45","guid":{"rendered":"https:\/\/cybersmart.com\/?p=4421"},"modified":"2021-09-30T07:26:05","modified_gmt":"2021-09-30T07:26:05","slug":"five-simple-steps-actually-securing-companys-sensitive-information","status":"publish","type":"post","link":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/","title":{"rendered":"Five simple steps to (actually) securing your company\u2019s sensitive information"},"content":{"rendered":"<p>Ignore this at your peril\u2026<\/p>\n<p>You\u2019ve built a business, solved a problem, hired a team and planned for your future. There\u2019s only one thing that can bring your empire crashing down before you can say \u201ctwo-factor authentication\u201d, and that\u2019s a data leak. Since we\u2019re literally obsessed with security, we\u2019ve brought in the big guns \u2014 Jamie Akhtar of <a href=\"https:\/\/cybersmart.com\">CyberSmart<\/a>\u2014 to get you back on track.<\/p>\n<p><!--more--><\/p>\n<p>Here are his top five tips\u2026<\/p>\n<h4>1. Figure out what data you actually store<\/h4>\n<p>It\u2019s almost impossible to protect your information if you don\u2019t know what you\u2019ve got or where it\u2019s stored.<br \/>\nThis is getting increasingly challenging with the number of cloud services we\u2019re now using.<\/p>\n<p>Thankfully, there\u2019s an easy way of mapping this, by focusing on these key areas:<br \/>\n&#8211; What customer data do we store (and where)? This is usually your biggest data set \u2014 everything from marketing info to service delivery.<\/p>\n<p>&#8211; What company data do we store (and where)? Think email, documents and communications.<\/p>\n<p>&#8211; What employee data do we store (and where)?\u00a0Contact info, passports, payroll.<\/p>\n<p>Once you have the specifics of these three areas, you\u2019re ready to move onto step 2.<\/p>\n<h4>2. Review and lock down access<\/h4>\n<p>Most breaches involve people and this is often your weakest link, but not in the way you might think. People are the gatekeepers to information, so attackers often focus on compromising these individuals.<\/p>\n<p>Looking over the three answers from step 1, think about how you can better secure access to each of these data stores.<br \/>\n&#8211; What can we do to add more security to customer data?<br \/>\nEnsure two-factor authentication is enabled where possible, review service providers and make sure only people that need access to customer data have it.<\/p>\n<p>&#8211; Does everyone need to have access to all company data or could we segment on a need to know basis?<br \/>\nThis could mean having one folder for directors, one folder for all staff and another folder for public assets.<\/p>\n<p>&#8211; How can we protect our employee data while still being accessible?<br \/>\nThis is often highly sensitive and the recent string of employee data breaches highlight the need for better protection of this data.<br \/>\n<em>Hint: use <a href=\"http:\/\/charliehr.com\">CharlieHR<\/a>!<\/em><\/p>\n<h4>3. Protect your digital devices<\/h4>\n<p>If you work in an SME, it\u2019s highly likely that most of the laptops and phones your employees are using are not fully secured and could be compromised in some way.<\/p>\n<p>Here are the most essential measures to put in place:<br \/>\n&#8211; Install anti-malware on all devices<br \/>\nYes all devices, including Mac and Android. There\u2019s ransomware for Mac and Android, where infections are now as common as for Windows.<\/p>\n<p>&#8211; Keep your software up-to-date.<br \/>\nThis is crucial to staying protected: ensure auto-updates are enabled wherever possible and avoid the temptation to postpone updates. The number of security patches released weekly is staggering \u2014 don\u2019t give the hackers an easy way in. Bonus: many updates also reduce crashes and make your devices quicker!<\/p>\n<p>&#8211; Enable Find My Mac \/ iPhone \/ Android Device Manager.<br \/>\nThis gives you a (slim) chance to locate your device, and (more importantly) the ability to remotely wipe any sensitive data that may be left.<\/p>\n<h4>4. Secure your network<\/h4>\n<p>The network is no longer considered the safe fortress it once was, so it\u2019s extra important to limit internal exposure and prevent any malware spreading.<\/p>\n<p>Secure it with these key controls:<br \/>\n&#8211; Segment your network from the other users in your building and use virtual networks for further isolation between departments.<br \/>\n<em>Top tool: Cisco Meraki is outstanding free network equipment for attending webinars!<\/em><\/p>\n<p>&#8211; Lock down you network.<br \/>\nChange the default passwords and setup firewall rules based on what services you actually use.<\/p>\n<p>&#8211; Use a VPN when outside the office.<br \/>\nThis will prevent traffic interception and prevent being sent to malicious websites.<br \/>\n<em>Top tool: Cloak for Mac\/iPhone, TunnelBear for Windows\/Android.<\/em><\/p>\n<h4>5. Train your team members to increase resilience<\/h4>\n<p>With the massive increase in phishing attacks (the new age spam designed to trick you into clicking links or divulging information) along with exponential in growth ransomware, your staff are an important line of defence and the key to protecting sensitive information.<\/p>\n<p>Here are three top tips to prepare them to defend against the bad guys:<br \/>\n&#8211; Regularly remind everyone to not click links or respond to suspicious emails.<br \/>\nThis is still one of the most common ways that breaches start.<\/p>\n<p>&#8211; Use a password manager.<\/p>\n<p>Websites we all use are regularly compromised and our password is exposed. A password manager helps you by storing a unique password for each website you visit, making re-use a thing of the past and passwords harder to crack. No more remembering passwords!<br \/>\n<em>Top tool: 1Password for teams.<\/em><\/p>\n<p>&#8211; Stay alert and report suspicious activity<br \/>\nStaff are usually the first ones to notice when something isn\u2019t right. Ask them to report any discrepancies and make sure these are followed up upon. With inevitable attacks, detecting an issue early is as important as preventing it in the first place.<\/p>\n<p>This post originally appeared on <a href=\"http:\/\/charliehr.com\">CharlieHR<\/a>&#8216;s blog. <a href=\"http:\/\/www.charliehr.com\">CharlieHR<\/a> is the free HR platform for teams with big ideas. Building a company is hard, running one shouldn\u2019t be. Find out more here.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ignore this at your peril\u2026 You\u2019ve built a business, solved a problem, hired a team and planned for your future. There\u2019s only one thing that can bring your empire crashing&#8230;<\/p>\n","protected":false},"author":3,"featured_media":4422,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[4,11],"tags":[9,10,43,16],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Five simple steps to securing your company\u2019s sensitive information<\/title>\n<meta name=\"description\" content=\"1. Figure out what data you actually store 2. Review &amp; lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Five simple steps to securing your company\u2019s sensitive information\" \/>\n<meta property=\"og:description\" content=\"1. Figure out what data you actually store 2. Review &amp; lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\" \/>\n<meta property=\"og:site_name\" content=\"CyberSmart\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CyberSmartUK\/?ref=br_rs\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-28T12:30:45+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-30T07:26:05+00:00\" \/>\n<meta name=\"author\" content=\"Jamie\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberSmartUK\" \/>\n<meta name=\"twitter:site\" content=\"@CyberSmartUK\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jamie\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\"},\"author\":{\"name\":\"Jamie\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/5f23eb4b6bf763170a51147370df2a04\"},\"headline\":\"Five simple steps to (actually) securing your company\u2019s sensitive information\",\"datePublished\":\"2017-09-28T12:30:45+00:00\",\"dateModified\":\"2021-09-30T07:26:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\"},\"wordCount\":886,\"publisher\":{\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage\"},\"thumbnailUrl\":\"\",\"keywords\":[\"Cyber Essentials\",\"Cyber Security\",\"Data Protection\",\"SMEs\"],\"articleSection\":[\"Blog\",\"Cyber Security 101\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\",\"url\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\",\"name\":\"Five simple steps to securing your company\u2019s sensitive information\",\"isPartOf\":{\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage\"},\"thumbnailUrl\":\"\",\"datePublished\":\"2017-09-28T12:30:45+00:00\",\"dateModified\":\"2021-09-30T07:26:05+00:00\",\"description\":\"1. Figure out what data you actually store 2. Review & lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience\",\"breadcrumb\":{\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage\",\"url\":\"\",\"contentUrl\":\"\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cybersmart.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Five simple steps to (actually) securing your company\u2019s sensitive information\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#website\",\"url\":\"https:\/\/cybersmartcom.wpengine.com\/\",\"name\":\"CyberSmart\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cybersmartcom.wpengine.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#organization\",\"name\":\"CyberSmart\",\"url\":\"https:\/\/cybersmartcom.wpengine.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/cybersmart.com\/wp-content\/uploads\/2020\/09\/cybersmart-aboutus-mobile.png\",\"contentUrl\":\"https:\/\/cybersmart.com\/wp-content\/uploads\/2020\/09\/cybersmart-aboutus-mobile.png\",\"width\":990,\"height\":1006,\"caption\":\"CyberSmart\"},\"image\":{\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/CyberSmartUK\/?ref=br_rs\",\"https:\/\/twitter.com\/CyberSmartUK\",\"https:\/\/www.instagram.com\/cybersmart.uk\/\",\"https:\/\/www.linkedin.com\/company\/be-cybersmart\",\"https:\/\/www.youtube.com\/channel\/UC620w4R_UG_P4ncd_9azlHg\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/5f23eb4b6bf763170a51147370df2a04\",\"name\":\"Jamie\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4c8629de96048c65a367ce1066968a8f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4c8629de96048c65a367ce1066968a8f?s=96&d=mm&r=g\",\"caption\":\"Jamie\"},\"url\":\"https:\/\/cybersmart.com\/author\/jamiecybersmart-co-uk\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Five simple steps to securing your company\u2019s sensitive information","description":"1. Figure out what data you actually store 2. Review & lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/","og_locale":"en_US","og_type":"article","og_title":"Five simple steps to securing your company\u2019s sensitive information","og_description":"1. Figure out what data you actually store 2. Review & lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience","og_url":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/","og_site_name":"CyberSmart","article_publisher":"https:\/\/www.facebook.com\/CyberSmartUK\/?ref=br_rs","article_published_time":"2017-09-28T12:30:45+00:00","article_modified_time":"2021-09-30T07:26:05+00:00","author":"Jamie","twitter_card":"summary_large_image","twitter_creator":"@CyberSmartUK","twitter_site":"@CyberSmartUK","twitter_misc":{"Written by":"Jamie","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#article","isPartOf":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/"},"author":{"name":"Jamie","@id":"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/5f23eb4b6bf763170a51147370df2a04"},"headline":"Five simple steps to (actually) securing your company\u2019s sensitive information","datePublished":"2017-09-28T12:30:45+00:00","dateModified":"2021-09-30T07:26:05+00:00","mainEntityOfPage":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/"},"wordCount":886,"publisher":{"@id":"https:\/\/cybersmartcom.wpengine.com\/#organization"},"image":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage"},"thumbnailUrl":"","keywords":["Cyber Essentials","Cyber Security","Data Protection","SMEs"],"articleSection":["Blog","Cyber Security 101"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/","url":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/","name":"Five simple steps to securing your company\u2019s sensitive information","isPartOf":{"@id":"https:\/\/cybersmartcom.wpengine.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage"},"image":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage"},"thumbnailUrl":"","datePublished":"2017-09-28T12:30:45+00:00","dateModified":"2021-09-30T07:26:05+00:00","description":"1. Figure out what data you actually store 2. Review & lock down access 3. Protect your devices 4. Secure your network 5. Train your team to increase resilience","breadcrumb":{"@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#primaryimage","url":"","contentUrl":""},{"@type":"BreadcrumbList","@id":"https:\/\/cybersmart.com\/blog\/five-simple-steps-actually-securing-companys-sensitive-information\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cybersmart.com\/"},{"@type":"ListItem","position":2,"name":"Five simple steps to (actually) securing your company\u2019s sensitive information"}]},{"@type":"WebSite","@id":"https:\/\/cybersmartcom.wpengine.com\/#website","url":"https:\/\/cybersmartcom.wpengine.com\/","name":"CyberSmart","description":"","publisher":{"@id":"https:\/\/cybersmartcom.wpengine.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cybersmartcom.wpengine.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cybersmartcom.wpengine.com\/#organization","name":"CyberSmart","url":"https:\/\/cybersmartcom.wpengine.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/logo\/image\/","url":"https:\/\/cybersmart.com\/wp-content\/uploads\/2020\/09\/cybersmart-aboutus-mobile.png","contentUrl":"https:\/\/cybersmart.com\/wp-content\/uploads\/2020\/09\/cybersmart-aboutus-mobile.png","width":990,"height":1006,"caption":"CyberSmart"},"image":{"@id":"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/CyberSmartUK\/?ref=br_rs","https:\/\/twitter.com\/CyberSmartUK","https:\/\/www.instagram.com\/cybersmart.uk\/","https:\/\/www.linkedin.com\/company\/be-cybersmart","https:\/\/www.youtube.com\/channel\/UC620w4R_UG_P4ncd_9azlHg"]},{"@type":"Person","@id":"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/5f23eb4b6bf763170a51147370df2a04","name":"Jamie","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cybersmartcom.wpengine.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4c8629de96048c65a367ce1066968a8f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4c8629de96048c65a367ce1066968a8f?s=96&d=mm&r=g","caption":"Jamie"},"url":"https:\/\/cybersmart.com\/author\/jamiecybersmart-co-uk\/"}]}},"_links":{"self":[{"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/posts\/4421"}],"collection":[{"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/comments?post=4421"}],"version-history":[{"count":0,"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/posts\/4421\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersmart.com\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/media?parent=4421"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/categories?post=4421"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersmart.com\/wp-json\/wp\/v2\/tags?post=4421"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}