Don’t let these simple oversights be the reason your business loses valuable data

By Sandra Clitter  

I get it…I TOTALLY get it. Protect your business and personal data. Back it up. Backup the backups. Destroy old documents. Keep your passwords safe and secure. Use strong passwords.

*snore*…I so did NOT want to hear it again. That is, until I read an article from my insurance company (thank you, Hartford and author James O’Brien)…yes, my insurance company.

See…it’s not enough to simply have processes in place, but you need to TEST and EVALUATE those processes on an ongoing basis. Make sure that what you THINK is happening really IS happening. Make sure that you’ve plugged all the potential leaks in the proverbial dyke.

Say what?

As James says ‘How small businesses can lose their data in 5 easy steps’. As Sandy ammends, ‘do NOT be one of them’!

First, we’ll work on the assumption that you actually do make backups of your data. Have you ever tried to RECOVER data from one of those backups? Does the process work? You really aren’t sure that you have a valid backup until you actually try to RECOVER data from a backup. Put a process into place that tests your backup at regular intervals, say once a month. Select a file at random, then restore that file from your backup. Open the file up. Does it work? If so, great. If not, your backup isn’t worth a ‘hill of beans’, as my grandmother used to say.

Second, protect your sensitive company information (virtual and hard-copies) from angry or disgruntled employees. If you let an employee go, make sure that you monitor all movement (physical and virtual) before they have left the premises. “Trim” their access to electronic information. Make sure that they don’t delete important information and/or email themselves sensitive documents.

Third, don’t toss paper documents that contain important or secure information in the trash, or other waste disposal service. I once found carton upon carton of a company’s sales and employee records in the dumpster at my condo complex (this is a similar anecdote to the one shared by James, but I know it first-hand because I found the documents). Clearly, someone was trying to ‘safely’ dispose of the information by removing it from the company premises, but they’d exposed themselves to virtually ANYONE getting a hold of the information. If you have alot of paper to dispose of, have a mobile shredding service come to your place of business and shred it on-site. Personally, I’d want to SEE the shredding actually done, not have the documents hauled away by minimum-wage workers to some other place for disposal. That seems to open one up to exposure again.

Fourth (and I didn’t even think of this one), digital office copiers are computers themselves. You wouldn’t throw away a computer without first thoroughly wiping the drive. Don’t relinquish a leased copier, or ditch an old copier without making sure that it’s memory is wiped.

Fifth, don’t “nuke” your computer or other technology while trying to do simple maintenance…and yes, I HAVE DONE THIS myself, many years ago, but trust me, I learned a VERY valuable lesson. What do I mean? Words like ‘restore’ or ‘reset’ can be easily interchanged…however, in some technology, one will mean ‘go back to factory settings, but keep all my data’. In other technology, it means ‘wipe all my data and return my technology to its original state’. MAKE SURE THAT YOU VERIFY that your data will remain on the device BEFORE you run the process…and just in case, have a good backup (see the first item) before you proceed.

If you’re wondering how I messed this up myself, I was working in the command prompt (the old C: prompt pre-Windows) and I typed (accidentally) ‘del *.*’, then hit return. Basically, this very simple combination of seven keystrokes means DELETE ANYTHING AND EVERYTHING on this computer. There was no ‘are you sure you want to do this’ (this is back in the dark-ages of computing). It simple DID what I told it to do. Most of the time, but not all of the time, systems nowadays say ‘are you sure, are you really, really sure?’ before allowing you to totally wipe out your system and your data, but not always. When in doubt, go to the support section of your hardware or software manufacturer and read the detailed directions – they’ll tell you there.

Bottom line: The world is scary enough with data breaches occurring right and left. Make sure that you’re not contributing additional information!


6 Comments

  1. Posted October 13, 2014 at 3:17 pm | Permalink | Reply

    How do you feel about utilizing google docs?

    • Posted October 13, 2014 at 4:41 pm | Permalink | Reply

      Hey, McKenzie –

      Google Docs are great for sharing information and collaboration, but I NEVER assume that Google Docs are secure. If you pay for the Google Business level services, then the level of security is probably in the terms and conditions, but the free Google Docs…well, I just don’t believe that it is that secure. I certainly use it (or Dropbox) when collaborating with others, but I try to NOT use it for documents that contain information that should be secure.

      As a Financial Planner, you’re all to aware of FINRA compliance and requirements. They probably have secure document storage vetted which passes their security tests and is approved for use in FINRA related industries.

      Personally, use Google Docs to share things with family, store your Christmas list, etc. Use it to collaborate with various Board Committees on which you site, but please don’t EVER use it to store your passwords :-)!

  2. Posted October 13, 2014 at 11:18 am | Permalink | Reply

    Sandy,
    Thanks for the reminder notice. It always astounds me how many businesses are lax in these areas. No matter how secure we think our data is we should all be vigilant. Your comment regarding backups is fresh on my mind because I just finished a data recovery and repair for a client. Business must not forget the basics, backup, backup and backup. Then have a recovery plan. Backups are not new to business planning but so many take it for granted or forget about it. My client did not have a current backup before their hard drive crashed or a recovery plan. The result was two weeks of down time, a new server, data recovery fees and repair of damaged data. Now the question is how much did the recovery process cost? Let’s just say in the thousands. The data recovery and repair alone cost thousands. But the two weeks of downtime was by far the most expensive component. Many people forget about this aspect of data recovery. They may incur lost sales, delayed shipping, employee down time and the list goes on. All of this could be avoided by; 1. Investing $500 to $1,000 in a reliable backup system, 2. Using a Cloud backup system, 3. Developing a recovery plan and most important 4. Training employees about securing data and importance of backups.

    • Posted October 13, 2014 at 4:44 pm | Permalink | Reply

      Hey, Rob –

      Wow…good for you, bad for the client. You are so right…the cost of DOWNTIME is staggering…you almost can’t calculate it. Downtime can mean not just lost revenue, but lost clients. Add insult to injury by all the payroll that’s basically wasted because no one can work. It is truly a nightmare.

      Investing several hundred or several thousand (depending on the size of the business) dollars for a secure backup system (reliable, proven) is money very well spent. Like insurance, you never know when you’re going to need it!

  3. Becky
    Posted October 13, 2014 at 7:45 am | Permalink | Reply

    Thank you Sandy. You could probably re-issue this tip whenever you don’t have time to write a new column! I use Seagate backup for my Mac and it works pretty well. Had to use it once. The only thing it seemed to do was lock files, which I was able to unlock. But that’s a great idea: to test the backup system. I work somewhere in the afternoon and they have backup but I always thought…what if that backup didn’t really work. I think I’ll talk to the tech guy and ask if we should test.

    • Posted October 13, 2014 at 4:45 pm | Permalink | Reply

      LOL! Thanks, Becky. There are a few that are worth ‘trotting out’ on a regular basis. You’re right, this is the kick-in-the-pants one that should remind people to test their backups…even if they already have a system in place. Kinda like changing the batteries in your smoke detector when the clock changes…except you should make this a part of your ‘end of month’ processing, rather than just twice a year.

Post a Comment

Your email is never shared. Required fields are marked *

*
*