Advice for protecting your data

The topic of data security can sometimes be so complex that it leaves us scratching our heads, without an actionable idea on how to begin. However, a systemised approach just might be the answer.

First of all, you need to answer the following two questions:

  1. What data do I need to protect?
  2. How do I go about protecting it?

The answer to the first question will, of course, vary between different types of businesses. The answer to the second question can be a bit more intricate, but it is possible to tackle it with the following steps, where you will be using various policies, systems, procedures, and tools to:

  1. Predict

This step allows you to predict the possible avenues of attack and system vulnerabilities ahead of time.

  1. Prevent

The purpose of this step is to prevent threats from affecting your system. A corporate firewall is a good example.

  1. Detect

In this phase, you need to discover what threats may already be affecting you. An intrusion detection system goes a long way.

  1. Respond

If you discover a threat, you need to act upon it immediately and eliminate it.

Finally, you need three control types to maintain the security of your data. These are:

Administrative – These are security policies that will guide you.

Physical – These are locks, keys, etc., that prevent unauthorised access to your physical assets.

Technical – This is the technology that will stop intruders from gaining unauthorised access to your data through digital means, such as a firewall.