What part of your business do you consider most important?

Is it your employees, your technology, or how about your bank account?

Business owners spend a lot of time putting security measures in place to protect their business assets. This may be in the form of an alarm system for your building, specialized screening for potential hires, or a firewall for your network. All of these systems have something in common: it prevents criminals from walking off of the street and stealing from us.

So what about someone stealing from inside your business? Is your data safe?

A recent study shows that 60% of employees surveyed have stolen information from a company they worked for. We all want to trust our employees and we should, but the fact is that your data is king. The risk of your data’s security in an act of espionage is an increasing problem as companies make the difficult decision to downsize their staff.

Recently a Fortune 500 company came to us as they were concerned about an employee’s work activity. Upon their request we conducted forensic work on the computer this person used. We discovered that financial records and customer information was emailed to an outside source by that user. With the information collected we assisted in litigations against this individual.
Here are a few steps that you can take to help to avoid such a risk:

STEP 1: Understand your data. Take a moment to consider what data you use to conduct business. Whether it is a contact list, financial record, or confidential documentation, in the wrong hands it could be crippling. Decide which data should be restricted, and which should be unrestricted.

STEP 2: Regulate your data. Although you may trust your employee, you should only provide access to things that are related to his job description. Make a list of your employees and you decide who sees what data.

STEP 3: Lock it down. There are varying ways this can be done and it depends on how your network is set up. Most business’s have a server computer that holds data like emails, contacts, and financial records. This is one of the best ways to control access as accounts can be created that limit a user to specific data on the server. These limitations will do no good if just anyone can log into the server. It should have a password that may only be shared with the business owner and your IT professional.

STEP 4: Monitor your data. Have your IT professional look for any signs that your data has been comprised. Servers have logs of who accessed what and when. Make sure that it is clear to your employees the seriousness related to breaching a security policy.

- By Todd Kingman the Ring Leader at SuperGeeks