In-depth

Four ways to secure sensitive data

Read our tips to ensure that your business and customer data is kept as secure as possible

Keeping data safe has never been more critical for businesses, but implementing effective security can sometimes seem overwhelming, with a huge range of options.

There's no silver bullet for guaranteeing security of your organisation's data, but a layered approach, combining tools, practices and culture can make sure that as much has been done as possible.

Advertisement - Article continues below

Here are some tips to ensure that sensitive data is kept safe without introducing cumbersome security practices that staff will struggle to stick to.

Prioritise encryption

Encrypting data is one of the best ways to ensure that it doesn't fall into the wrong hands. Even if an attacker manages to access data, it is of little or no value if it's encrypted.

Like overall security practices, applying a layered approach to data encryption ensures that it's as secure as possible. This means encrypting data in transit between a store and an end user, as well as encrypting data at rest' in the databases where it's stored.

Some applications provide encryption services at the software layer, but this can bring costs in terms of complexity and reduced performance. Encryption software that runs as close to the storage hardware as possible is better for providing a transparent layer of encryption.

Reinforce database protection

The point at which data enters your organisation can be vulnerable to attackers attempting to gain access to your systems. Passing dangerous payloads to poorly designed systems means that bad actors can exploit flaws to get control through strategies like SQL injection.

A layered approach where validation is built into the code at each step can dramatically reduce your database's vulnerability to these sorts of attacks. Frequent manual and automated reviews and tests will also help support this effort.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Other steps that will help reinforce database protection include only accepting validated data into production systems, monitoring systems for errors and edge cases which could be caused by attackers, and adopting an identity management system so only authorised individuals can access data systems of records.

Separate out sensitive data

It may seem obvious, but the fewer places sensitive data exists, the fewer opportunities there are for attackers to get hold of it. Sensitive data should never be used or stored in non-production systems, and access passwords should be stored in a password manager rather than entrusted to individuals.

Some teams may require data that reliably mimics the real thing for testing, but rather than refreshing development and testing environments with production data, it is worth considering using tools that configure and generate dummy data. This allows reliable, realistic testing without risking sensitive information.

Build a culture of security

Building a culture in your business that has security at its heart is crucial to enforcing security policies, and reduces the risk of a successful attack.

Advertisement - Article continues below

There are two main prongs to building a culture of security. The first is policy-based, where a company can enforce password policies like complex passwords and regular changes, and two-factor authentication to minimise the risk of unauthorised access. Some businesses use VPNs to secure access to internal corporate networks.

The second is through educating employees, and providing training on how to protect corporate devices physically as well as through strong passwords. Regularly highlighting the danger of social attacks like phishing will help keep employee awareness high.

Advertisement

Recommended

Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020
Visit/software/video-conferencing/355229/zoom-we-moved-too-fast
video conferencing

Zoom CEO admits company "moved too fast" as privacy issues mount

6 Apr 2020
Visit/security/internet-security/355228/mozilla-fixes-two-firefox-zero-days-being-actively-exploited
internet security

Mozilla fixes two Firefox zero-days being actively exploited

6 Apr 2020

Most Popular

Visit/development/application-programming-interface-api/355192/apple-buys-dark-sky-weather-app-and-leaves
application programming interface (API)

Apple buys Dark Sky weather app and leaves Android users in the cold

1 Apr 2020
Visit/data-insights/data-management/355170/oracle-cloud-courses-are-free-during-coronavirus-lockdown
data management

Oracle cloud courses are free during coronavirus lockdown

31 Mar 2020
Visit/security/privacy/355211/google-releases-location-data-to-showcase-effectiveness-of-coronavirus
privacy

Google releases location data to show effectiveness of coronavirus lockdowns

3 Apr 2020