Data Breach Prevention Techniques

        Understanding and Preventing Data Breaches


To reduce the chance for a data breach, it is wise to develop an IT risk management plan at your organization. Risk management solutions should leverage industry standards and best practices to assess hazards from unauthorized access, use, disclosure, disruption, modification or destruction of your organization’s information systems. Consider the following when implementing risk management strategies at your organization:

     • Create a formal, documented risk management plan that addresses the
     scope, roles, responsibilities, compliance criteria and methodology for performing
     cyber risk assessments. This plan should include a description of all systems used
     at the organization based on their function, the data stored and processed
     and importance to the organization.

     • Review the cyber risk plan on an annual basis and update it whenever there
     are significant changes to your information systems, the facilities where
     systems are stored or other conditions that may affect the impact of risk
     to the organization.

Not all companies have the resources to create and implement a fully customized plan. However, there are many simple, cost-effective steps any business can take to help prevent a data breach.

     • Never give sensitive information like Social Security numbers or credit
     card numbers out over the phone unless you can verify the identity of the person
     on the other line.

     • Shred all credit reports and other sensitive data before disposal.

     • Educate employees about phishing and pharming scams. Remind them
     not to click on anything that looks suspicious or seems too good to be true.

     • If your company doesn’t have an IT department, hire an outside
     company to set up the proper security measures for your computer network.

     • Always monitor credit reports and other financial data for the
     company. If you see things that don’t belong, investigate.

     • Do not allow employees to write down passwords in the office.

     • Always encrypt sensitive data.

What do Target, Nieman Marcus and Apple have in common? All these companies were victims of a data breach in 2013, totaling millions of stolen records that include personal information such as Social Security numbers, credit card numbers and bank account numbers.

If your company handles critical assets such as customers’ personal data, intellectual property or proprietary corporate data, you are at risk of a data breach. It doesn’t matter if you are a Fortune 500 company or a small “ma and pa” shop—cyber thieves are always looking for their next score. It is often assumed that smaller businesses can escape attention from cyber crooks, but according to Verizon Communication’s 2013 Data Breach Investigations Report, 31 percent of data breaches were at companies with 100 or fewer employees. No company of any size is completely safe from a data breach.