There is a common saying, “You don’t know what you don’t know.” All too often, we can’t achieve the right answers if we don’t know the right questions to ask. Let’s take a look at five managed network considerations that IT departments should be able to answer.
1. Diversification of Encryption
Data encryption may be the most significant data security feature since sliced bread (not that sliced bread helps protect your data), but it is still limited. While it is immensely difficult for cyber threats to reverse encryption efforts, if they were to penetrate access points, network data is as accessible to them as it is to you. However, if your encryption is diversified and proper access credentials safeguarded, your company’s data transfers to networks are practically airtight.
2. Diversification of Data Backup
Just like your economic portfolio or your eggs transported via basket(s), if diversification is not a part of your data backup procedure at some point in the process, you’re putting your company at risk of immense data loss. Cloud storage is always a preferred method that takes many variables out of the equation, but your IT department personnel should understand the value of data backup diversification.
3. Prioritization of Data
Systems access logins and receipt documents for pizza from the last business lunch-and-learn are examples of two radically different types of data. One of these types of data should be guarded under lock and key while the other isn’t as sensitive (heaven forbid someone finds out how much you spent on pizza). If you don’t yet have a hierarchical structure that allows you to gauge the sensitivity of specific data, this can leave your network systems vulnerable to cyber threats via lower levels in your company. If all of your data is equally protected, the critical along with the less-consequential, those who need to utilize the less sensitive data may inadvertently expose your organization to an excessive amount of risk.
4. Data Storage Roles and Sharing Permissions
Just like not having a prioritization of data importance, not having a user structure concerning who can view, manipulate, or share network data is gross IT negligence at its most disgusting. Listen, I’m sure you trust your entire time team, but this is not about them — it’s about minimizing risk. Even if every member is trustworthy, they still don’t need to access every secure file on your cloud database. Why? Because no one short of a tiny group of people should have unlimited access to all of your data. Ideally, the fewer people have total access, the better.
5. Keeping Tabs on Employee Cloud Storage Access
Any IT department worth their salt should know who had accessed the company’s cloud storage systems, when, from where, and precisely what actions they performed. Did they upload anything? Download anything? Grant new permissions to other users? Forget to log out when finished? Did they do so from a mobile device? Where were they when they did so? If your IT department doesn’t have this information, the investigation following a data breach will be incredibly difficult to conduct. Not only is this frustrating from a systems perspective, but it could also possibly encumber legal and insurance procedures relevant to such a breach in data security.
Stay tuned to this blog article series as we continue to look at network considerations in the future — some of which you may not have even thought to think about!