In an economy increasingly led by aggregation of data sets rather than face-to-face interactions; where consumers are segmented and personas attributed to each segment; information is becoming even more integral to most modern business processes.
Now, we don’t want to scare you, but what if you woke up one day and your data was lost: whole customer databases gone, files pertaining to past work corrupted or even your e-mail account hacked? These are what we would call ‘disaster scenarios.’
Most businesses carry insurance covering their property, stock and staff in cases of unforeseen emergency, but comparatively few carry Cyber Liability Coverage. When disaster does strike, they are left with significant negative effects on their business.
Ironically, it is only after scenarios like those above that one will truly know the value of their data. The monetary value of their data is the difference between your operating revenue pre-data loss and their revenue after the data loss. It need not be a short term effect; the knock on long run change is basically immeasurable as years after any significant data loss you’ll struggle to accurately project where your business would be had it been avoided.
If we study the tech start up industry, most businesses’ entire value is either based on their data (from coding, marketing intelligence to customer networks, etc.) or speculation on future profits based on this data. It is vital to keep this information safe using backups, cloud technology and cyber insurance. This does not just apply to tech-centric firms though: the same can be applied to most businesses using technology to communicate with their prospects or existing customers.
The amount of time and money you spend safeguarding your data will depend on how vital it is to your business and how likely you are to suffer data loss if experiencing one of these dreaded disaster scenarios. To assess the risks, you need to know what data you store and use in your company.
– Establish what data you store in your business.
– Many businesses store information across multiple systems and in different locations.
– Think about data held centrally as well as information stored on laptops, netbooks, staff computers, disks, tapes, memory sticks and online (‘in the cloud’). You may also have created or hold data on customers on social networking sites.
– Build up the most comprehensive list of data possible.
– Make sure you record where data is stored.
– Remember to include information stored outside of your business. For instance, your website is probably held on a server owned by a third-party hosting company, and you may use an external server.
How Valuable Is Your Data?
Mission-critical data is vital. If lost, it can seriously damage your business. You will want to give most protection to this data. This could include, for instance, your accounts.
Customer records and their accounting and financial data is vital and you must protect it by law. The Data Protection Act 1998 is the key piece of legislation relating to how your business stores and uses data. It applies to any personal information you store about living individuals.
Complying with the Data Protection Act is largely common sense, but you should seek advice if you’re at all unsure about your obligations.
How Do You Use This Data?
Consider who has access to the data and how often it is used or changed. Is it a resource accessed regularly by employees, for example a Customer Database? Or infrequently and by higher management – as would be the case with staff information.
How is it transferred? Do you use memory sticks, e-mails or other technology to transfer data from one place to another?
List Your Business Data
For each type of data, you should know where it is stored, how often it is accessed, and who uses it. You can use this list to pinpoint risks in the way your business handles data.
Threats to your business data.
It is easy to change or erase data accidentally. For instance, a staff member could delete a crucial list of customers by mistake. Use software with undo and rollback functions to minimise the risks posed by human error.
Failed hardware, like a broken hard disk, can result in the loss of crucial files. A natural disaster could destroy the server holding key business information.
Theft of company computers or laptops can result in data falling into the wrong hands, or being lost forever.
Hackers try to break into computers over the internet. This is a serious risk, particularly for companies that hold sensitive data. Some computer viruses erase files, these usually infect company systems via a downloaded file or email.
Other malware (malicious software) like trojans which may read your data and transmit it across the internet, or wipe it completely.
Make sure you follow good online security practice and use security software.
Malicious action by an individual.
Anyone with access to your data could copy or delete it. For instance, a disgruntled employee could sell your customer database to a competitor. Access control is a key way of reducing this risk.
You should consider storing your mission-critical data on a central server. Having data in only a single place reduces the risk of theft, however increases the risk of disaster scenarios.
To guard against this, consider mirroring the information elsewhere; the rapid rise in popularity of cloud technology has been due to the convenience of storing business data at a remote location guarded by robust technology and for a reasonable cost.
Discourage employees from saving important data on their own computers as a single laptop theft or virus infection could be disastrous.
Instead, provide a central filing system and give each employee named folders on your server. A disgruntled employee could transfer your entire customer database to a memory stick in seconds. You can disable the USB ports on your computers to make this impossible.
You And Your Data and how it is affected by disaster scenarios
Protecting your data should be a key aspect of your general business process; whilst insuring your data is wise, taking steps to prevent loss in the first place is essential for keeping control of a valuable asset.
For any queries on more information about protecting your data and if you believe you have suffered from any disaster scenarios, drop us an e-mail via our website and we’ll be happy to help.