Business computers can contain a lot of sensitive data: bank account numbers, passwords, schematics and blueprints, personal employee information, client lists and much more.  As a responsible business owner or manager, you probably recognize the importance of anti-virus software, digital firewalls and other computer-based defenses against hackers after critical information. However, the threat of stolen or lost information may be much closer to home.

In fact, it’s a lot easier to simply steal data than to hack into a well-protected system – and the threat of analog data theft is real. It doesn’t even have to involve technology. Simply stealing an unattended laptop, or losing a business smart phone, can cause serious problems that can cost your business in many ways.  Where does the threat present itself? It’s all around you.

Employees

Employees – even trusted, long-time staff – are common conduits to “eyes-only” company data. If an employee leaves his office computer running while attending a meeting, anyone with a thumb drive can access sensitive company data with a few clicks and a quick download. Employees who take home work stored on a company laptop may compromise your business’ sensitive data as soon as that conscientious employee logs onto the Internet using the household local access network, or LAN.  An employee may leave her smart phone in a cab on the way to the airport, exposing key company data to anyone who picks up that smart phone.

Disgruntled employees may pose a threat to steal information that makes them more valuable to another employer in the same sector in which you operate.  A dissatisfied employee with access to the company server can download key information just before giving notice, and take that information to his next job – working for your top competitor.

Office Visitors

With a little bit of know-how and a thumb drive, a salesperson making a routine call can access an unsecured computer and download your complete client list. That salesperson may even be a familiar face, making monthly visits to your workplace, but it only takes one visit, and a few minutes, to download unprotected data.

Potential hires, spouses of employees, delivery service employees – virtually any outsider may pose a threat to stored data if you don’t take steps to prevent business information theft.

Outside Vendors

A member of the cleaning crew may enter the office, spy an unattended laptop, slip it into the trash bin and roll that laptop right out of the office. It’s simple.  If the office is cleaned after hours, data theft is even easier. There’s no one there to watch the cleaning crew’s activities.

A supplier, in for a meeting, can download your tiered pricing information in about two minutes, and leave with more than a re-order. That vendor now knows what you charge your customers.

Construction workers, handymen, office painters, sub-contractors and others you trust pose a threat to business data if you don’t protect what belongs to your company.

War Drivers

Many offices use wireless networks so employees can access data to perform work assignments. Wireless transmissions don’t stop at the walls of your workspace. Data leakage can be picked up from next door or outside on the street using simple tools and a little know-how.

War drivers, armed with nothing but a laptop and a wireless modem, drive around industrial parks and other places of business with the ability to hack into any unprotected office network.

Protect Your Information

There are many steps you can take to prevent analog data theft. Taking the time to prevent theft today may prevent damage to your company’s bottom line in the future.

Here are some simple steps you can take to prevent common, analog data threats.

  • Train employees in safe computer usage, i.e. don’t log onto unknown sites, turn off the computer when it’s left alone, note suspicious activity among co-workers, and so on. A knowledgeable staff can be an excellent defense against analog data theft.
  • Log off when not conducting online business. Many business employees log on in the morning and stay logged on throughout the work day – even when they’re not conducting work online. Simply log off when your online session is finished to lessen the likelihood of data theft.
  • Purchase and use computer locks. There are locks that prevent computers from being turned on without a key or combination. There are wire locks that prevent unauthorized laptop removal. Like bicycle chains, laptop locks make theft of equipment more difficult.
  • Password-protect each user’s account and all sensitive files. Put information access on a “need-to-know” basis. If the marketing department doesn’t require payroll records to perform its functions, lock out the marketing team from employee information.
  • Place the office server in a central location, far from windows and exterior walls. Then, walk around the exterior of the office with a networked laptop to look for signs of leakage.
  • Encrypt inter-office data exchanges. Use encryption software so war drivers can’t read sensitive information even when there is wireless leakage from your office.
  • Password-protect all digital devices including desktops, laptops, tablets, smart phones and personal data assistants (PDA). Use robust passwords that employ letters, numbers and symbols to bulk up security in the event that hardware is lost or stolen.
  • Change passwords often. Change passwords when an employee leaves the company to prevent that employee from accessing company data using his old password.
  • Don’t allow hardware to be taken from the office by employees, repair services, or even another department in another location. As soon as that laptop is removed from a secure office, it’s a moving target for data theft.
  • Lock up your company server before closing up at night. Turn it off and double-, or even triple-lock that server to prevent unauthorized access.
  • Add surveillance cameras, smart doors that require a password to open, and outdoor lighting to your workplace exterior.
  • Back-up all company data using remote data storage. This “cloud” storage of data can be your best safety net if data goes missing.
  • Finally, consider hiring a data security consultant to assess weaknesses in your data security system, and plug those holes before you learn, the hard way, that your company data is in the wrong hands.

Keep one step ahead of the bad guys to protect your business from compromised data and analog data theft.

 

The information contained herein may not represent the views and opinions of Nevada State Bank or its affiliates.  It is presented for general informational purposes only and does not constitute tax, legal or business advice.